FC Boonzaaier, Security Operations Manager, Nclose.

“Before you start a journey with a managed security service provider (MSSP), there are important questions you need to ask.” That’s according to FC Boonzaaier, Security Operations Manager for Nclose.

“What is the level of service you need in terms of your company’s size? Is the MSSP big enough to resource this service? Are you looking for something simple, like a firewall, or do you need more complex security architecture? Can the service be added onto in the future? And, finally, is there a good culture fit, and do you work well with the MSSP?”

Having clearly defined expectations about what you want will help you find your perfect match. As the client, you’re making an investment into your security services, and the MSSP you choose should understand your needs.

It’s important to establish whether the MSSP is certified, and what their partner level is. There are benefits to choosing a higher partnership level. “Nclose has been established for 17 years and we have grown hugely over the past decade. All our skills and resources are top-level, and when you partner with us, you benefit from this expertise, no matter what size your company is,” Boonzaaier says.

“ Clients who don’t have an in-depth knowledge of cybersecurity will need advice on the best way forward. Often, the best scenario is when the client includes the MSSP in their cybersecurity roadmap from the planning stage onwards. For example, deciding on an advanced tool when you don’t have the basics fully in place won’t work well.”

Always start with the basics, which include Control, Prevent and Detect. Then you are almost all the way there, and since every rand of spend counts, this may be enough. There are many options available, and it’s better to explore them fully to find the one that is most effective and affordable for you, before committing to a solution.

Tool sprawl is an issue that every organisation should try to avoid. With skilled engineers, and continuous monitoring and auditing, you can often breach a gap in technology without having to invest in anything more. Some clients are reluctant to invest in one technology and prefer to diversify. However, from a tool sprawl perspective, if you extend your tool set using the same vendor, it is easier to implement. If you are confident in your MSSP’s service, you will not need to buy an additional tool every time there is something new on the market.

AI is a hot topic in the security landscape. There is a rising demand for AI threat detection, due to its speed and analytical abilities, and more and more companies are adopting it. “However, AI is prompt-based, and it can be confidently wrong,” Boonzaaier warns. “Human verification is still very important. My advice is to trust but verify when making use of its potential.”

Nclose’s ethos is to be a trusted partner to their customers. “We strive to give honest advice that will work for you without unnecessarily disrupting your existing structure. If we are able to adopt an approach that uses a client’s existing resources rather than a more extreme solution, we will do that. A lot of organisations are surprised to discover that their tools still have more potential before they need to upgrade. Knowing how to sharpen a client’s existing security investment is very important,” Boonzaier says.

With every major security upgrade performed for existing clients, Nclose first conducts a personal, in-depth conversation with the client about the change – why it is necessary, and the best way forward. “Above all else, you need to trust your MSSP,” Boonzaaier concludes.

Want to know if Nclose fits your cybersecurity needs?

Visit our website at www.nclose.com and feel free to contact us.