Critical Informatics has been recognized as a Representative Provider in Gartner’s June 2018 “Market Guide for Managed Detection and Response Services.”
Available for purchase, the guide outlines the market evolution from Managed Security Service Providers (MSSPs) to Managed Detection and Response (MDR) Services to address the rapidly-evolving threat landscape, increasing regulatory pressure, and lack of qualified information security practitioners.
CI Security by Critical Informatics, soon to be rebranded as CI Security, is helping set the standard for MDR Services, and we are not stopping there.
We sat down with Mike Hamilton, Chief Information Security Officer, to discuss the revelations in the latest market guide and our inclusion as a Representative Provider.
What makes this year different for CI Security?
We were delighted to be recognized alongside other established companies in the Gartner Market Guide. As an early stage company, we have the agility to continuously re-invent ourselves to stay ahead of threats that have become a constant feature of being connected to the global network. We are committed to helping our customers better meet their own missions in a world of sophisticated organized crime and increasing nation-state actions. Our mission to protect digital health has always propelled us to listen and adapt to our customers, and this year we’re continuing to enhance our services to meet the customers’ needs.
Why are companies looking at MDR Services so closely?
Preventive controls are not enough. Firewalls, anti-virus, URL filtering, e-mail security, and user judgement all routinely fail. Before we launched our managed detection and response service, our customers struggled to conduct effective monitoring, detection, response, and recovery, using a maze of technology solutions that did not integrate well. It’s fundamentally a people problem. Experienced security staff is needed to select, tune, and maintain detection technology, as well as to investigate the barrage of alerts that are generated. Our goal is to provide one holistic solution. We extend the customers’ teams by providing both people and integrated technology in a complete managed service. Our solution provides regulatory compliance, risk reduction, and cost avoidance while leveraging customers’ existing technology investments.
How does CI Security differentiate itself from the other vendors?
Our platform is purpose-built for highly regulated sectors such as healthcare, finance, and government. We don’t require any agents to be deployed, nor additional technology purchases.
Using packet capture, we can protect regulated records while retaining the ability to conduct investigations and confirm incidents with 100% accuracy. We keep those packets on the customer’s premise inside their protected perimeter. All of this means a seamless implementation and elimination of more false positives. But really, it’s our people—our security analysts—that differentiate us. Additionally, our offering can include a full suite of information security consulting services, which puts us in a unique position to help our customers with everything from policy to risk management—thus creating a holistic, integrated security solution.
We are solving the underlying people problem with a combination of experts and technology, providing holistic, critical insight into the security posture of our customers.
Gartner predicts by 2020, 15% of organizations will be using Managed Detection and Response services, up from less than 5% today. What’s driving this trend?
It’s about risk management. Risk is the product of the likelihood of an event with the impact of the event should it occur. Preventive controls—which every organization has deployed—can reduce the likelihood of a threat, but that likelihood will always be nonzero—a security incident is a foreseeable event. Accurate detection and rapid, effective response can limit the impact of the event. For instance, with good detection and response, the impact can be the cleanup and restoration of a single, unimportant asset – rather than the loss of records, intellectual property, funds, or continuity of operations. We address the impact term of the risk equation, and this is not lost on the C-Suites that are now discussing information security risk as just another business risk.
What trends should we expect to see in the year ahead that MDR can cover?
A significant trend is the increasing activity of nation-states, obfuscated by the difficulty we have in accurately attributing attacks. We now have examples of actions taken by a country to disrupt the economy of another country, with collateral damage to businesses everywhere. Nations use tools—some stolen or leaked from the US—that are sophisticated and require good analytics to tease the indicator needle out of the haystack of alerts. MDR can help here—customers need the combination of great security analyst talent managing improved detection analytics. Another trend I think is worth watching is the focus on third party security—it is routine now to require business partners, supply chain vendors, etc. to attest to their security controls. MDR is almost a magic bullet there – organizations can claim to have a set of controls and oversight that is far beyond their reach by engaging an MDR service, and that’s attractive as a competitive differentiator – it enables business. I’m looking to see that logic applied more broadly.
Finally, you’ll see MDR vendors expanding outside their core managed detection and response solutions. For example, we launched our Continuous Vulnerability Identification (CVI) service last year, and continue to offer a full suite of Information Security consulting services. You’ll also see MDR providers providing managed detection and response services in more places—for instance, in cloud and SaaS environments.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.