Can you recommend any effective MSSP collaboration strategies? How do you work with the provider in a way that allows you to maintain control over your security operations but still benefit as much as possible from their enhanced detection and response capabilities?

Director of Business Development in IT Services, 3 months ago

Fully agree with Greg—co-managed solutions are often the most effective in my experience. 

Most of the customers that chose this solution ultimately did so because they had experienced things such as hiccups as an abundance of stalls or had breaches.

They offer broader coverage and ensure that both major and minor issues get the attention they deserve. The real win is in combining AI with experienced human oversight. New threats emerge constantly, and while AI can monitor 24/7, it takes a seasoned eye to catch what "doesn't quite look right"—or even what does look right and let it go when falsely stopped.

A hybrid AI + human model, especially one with a “quarantine-first” strategy, offers the strongest defense. And if the provider backs their service with real insurance that covers you under their umbrella if their protections fail—that’s the cherry on top. Just make sure you read the fine print. Coverage that looks solid in a slide deck may not mean much when things actually go wrong.

CISO in IT Services, 3 months ago

Co-Managed solutions are the optimal way to work with the providers. Clients should always maintain the license and root/admin control to the shared platform; however, the MDR/MSSP should be handling changes, documentation, direction, 24x7 monitoring and response actions. All of these actions are governed by or directed by the client of the MSSP/MDR.
