
Microsoft announced Monday that it's getting into the managed security services business. The company's Microsoft Security Experts program includes three new managed services.

Microsoft Defender Experts for Hunting is for customers who have robust security operations centers but would like Microsoft to hunt for threats in data from endpoints, Office 365, cloud applications, and identity sources. Microsoft's experts will hand off any actionable alerts they discover to security operations center (SOC) personnel, along with remediation recommendations. Microsoft experts are also available on demand to answer security questions about anything from incidents to action by nation-state actors to updates on the latest attack vectors. The projected launch window for the service is in the summer of 2022.

Microsoft Defender Experts for XDR is for customers who need to extend the capacity of their SOC. It extends beyond endpoints to provide detection and response across Microsoft 365 Defender. It will investigate alerts and use automation and human expertise to respond to incidents alongside a local security team. Preview of the service is expected to roll out in the fall of 2022.

Microsoft Security Services for the Enterprise combines proactive threat hunting and managed XDR. It leverages Microsoft's complete security information and event management (SIEM) and XDR stack to protect all cloud environments and all platforms. The service uses Microsoft security experts to manage onboarding, daily interactions, practice modernization, and incident response for an organization. The service is sold through a custom statement of work and is available today.

Incident response, modernization services rolled into Experts program

Microsoft will be rolling two existing offerings into the Experts program. Microsoft Security Services for Incident Response provides experts who can be consulted before, during, and after a data breach. The Microsoft pros can help an organization remove a bad actor from its environment, remediate its defenses after a breach, and build resilience against future attacks.

Microsoft Security Services for Modernization is aimed at customers engaged in a security transformation of their organization. It provides consulting services to help customers at any stage of their security journey, including embracing a Zero Trust approach to security.

"[T]echnology alone is not enough to defend against cybercrime," Microsoft Corporate Vice President for Security, Compliance, Identity, and Management Vasu Jakkal wrote in a company blog. "Technology is critical, but it's the combination of leading technologies, comprehensive threat intelligence, and highly skilled people that makes for a truly effective security posture."

Harder for organizations to build security teams

The challenge in this critical moment when cybersecurity has reached an inflection point, Jakkal noted, is that organizations are facing a cybersecurity talent shortage, with nearly one in three—or 2.5 million—security jobs vacant in the United States. That's pushing the time of detection for a breach to an alarming 287 days. Even when talent is available, access to highly skilled expertise remains a challenge. "It's getting harder every day for organizations to build and maintain a full security team, let alone one with the ever-expanding skillset required to meet the range of today's security demands," Jakkal wrote.

John Mello writes on technology and cyber security for a number of online publications and is former managing editor of the Boston Business Journal and Boston Phoenix.

Copyright © 2022 IDG Communications, Inc.