authored by Bryan Doerr, Cisco Cybersecurity Manager
As the threat landscape continues to become more complex, more and more businesses are looking to outsource their security needs. According to the 2018 Cisco Cybersecurity Report, 44 percent of enterprises and 54 percent of small businesses based in the United States outsource their security monitoring capabilities. The Global Managed Security Services Market has a projected compound annual growth rate of 14.5 percent through 2022, reaching US $45 billion.
Cisco’s new Stealthwatch Cloud was designed to empower service providers to offer effective managed threat detection services without an upfront product or infrastructure capital, thereby making it fast, easy, and low risk for service providers to present a new security offer to their customers.
Here are just a few reasons why Stealthwatch Cloud is a perfect fit for managed security services providers (MSSPs):
Cloud-managed hosted service
Stealthwatch Cloud is a cloud-managed, software-as-a-service offering. All of the service development and infrastructure management is handled by Cisco. Service providers don’t have to worry about patching, deploying infrastructure, or maintaining availability. In addition, new features and improvements are added regularly by Cisco.
Post-paid, consumptive licensing model
The Stealthwatch Cloud MSSP program features the Cisco Service Provider License Agreement (SPLA) pricing model. With this month-to-month, post-paid, utility-based licensing model, MSSPs enjoy all the benefits of an easy-to-deploy and agile threat detection and monitoring solution without up-front purchases. And, as aggregate customer volume grows, unit costs decrease, providing increased margin opportunities.
Stealthwatch Cloud is a perfect component for a premium incident response and remediation service. When your customer is in a tight spot with a known compromise, they will be looking for a service that identifies the extent of the breach and removes the threat from the network. Because Stealthwatch Cloud provides easy deployment and out-of-the-box security awareness to assist incident responders, it is a perfect component to a premium service that provides breach detection, triage, investigation, and remediation.
Multitenant management portal
Stealthwatch Cloud’s multi-tenant service provider portal is designed to monitor the health and security of MSP customers’ networks from a single console. Using this portal, operators can see an aggregate of traffic and alerts, and easily pivot into investigation mode to quickly uncover the underlying cause of an alert. In addition, full APIs allow for integration of Stealthwatch Cloud into existing operations workflows and processes.
Easy to use, effective threat detection
Excessive, irrelevant alert volume is always a bad thing, but it is exceptionally disruptive for MSPs that need to monitor numerous distinct networks at the same time. Cisco developed Stealthwatch Cloud to be a low-noise, actionable threat detection tool. Currently, Cisco customers rate 95 percent of Stealthwatch Cloud alerts as “helpful.” This translates to high-value notifications, without security operations center (SOC) overload caused by distracting noise.
Stealthwatch Cloud is easy to deploy. It doesn’t require endpoint agents, extracting telemetry directly from the network instead. MSSPs can simply deploy a software sensor and direct NetFlow or SPAN traffic to it. In Amazon Web Services (AWS) environments, an MSSP gives Stealthwatch Cloud read-only access to various log files, a process that can take as little as 10 minutes. In addition, there is no need to configure the analytics or classify endpoints – all of this is handled automatically by Stealthwatch Cloud.
Want to learn more about how Stealthwatch Cloud helps service providers protect their customers and create new value-added services? Read the Automated Threat Detection for the Managed Services Provider At-a-Glance.
Want to try Stealthwatch Cloud today? Sign up for a free, 60-day trial here. MSSPs welcome!
- What: Cloud-Based Managed Security Services
- Where: Cisco Security area inside Cisco Booth, Hall 3 Stand 3E30
- When: February 26-28 from 9a-7p | March 1 from 9a-4p