|
Managed Security Metrics Provider
|
An Managed Security Metrics Provider (MSMP) is an evolution beyond the traditional MSSP (Managed Security Services Provider). While the MSMP may occasionally be responsible for the ongoing management of security and operational functions, their primary function is to take responsibility for gathering and reporting on key statistics within the environment. These include Key Performance Indicators (KPIs) that are tracked around such items as viruses, worms, and trojans, total volume of email vs. total number of spam email, detected attacks, blocked attacks, etc. The overall goal of the MSMP is to "own" the statistics and provide ongoing consistency and reliability in the numbers themselves. The metrics provided by an MSMP are used by CIOs, CTOs, and CFOs for business decisions, and by other management and IT support groups to demonstrate compliance to internal and external auditors, as well as to justify purchasing decisions.
The MSMP may gather the statistics in a number of ways, including concentrating event logs from servers and security devices, reports that come from security and network monitoring systems, and even manually by logging into systems to retrieve the information. The key to success in the MSMP approach is to ensure that there is a documented process for gathering each statistic and that it is followed consistently. Organizations who engage an MSMP often already have a relationship with an MSSP who is managing components of thier infrastructure, but they are lacking the ability/time/resources to get the information out of their systems that they need in order to make business decisions around capacity and appropriate security and operational controls.
|
