N-able CSO: MDR 'gets us more in the MSSP space'

A greater percentage of N-able partners are using its new Managed Detection and Response (MDR) offering in Australia than any other market, according to an Australian representative for the company.

Two of three “super elite” Australian N-able partners were users of N-able MDR when they met the vendor’s CSO, David MacKinnon, during his visit to Australia in June.

“What they're finding really exciting about it is it’s vendor agnostic,” MacKinnon told CRN Australia, “so they don’t necessarily have to have a certain EDR solution in place to be able to use the MDR solution.”

“What they’re also telling us they’re excited about is that the data is stored in Australia; that’s really important for them,” he said.

MDR is a “big piece” for N-able, MacKinnon said. “It really gets us more into the MSSP space… It's a pivot, the market needs it.”

Various vendors have added MDR offerings in the last 12 months, including by acquiring other companies. Many have pushed MDR as a way for MSPs to expand their cybersecurity capabilities without excessive resources.

“Some of it is validating the alerts,” MacKinnon said. “If you just have a typical EDR service or EDR product, it's going to be generating false positives and that's going to be using up your cycles for the MSP to able to send a resource to go look at it and validate it, and at some point they become overwhelmed and then you're not looking at it.”

“So, to have that MDR service that's looking and validating that something is an issue and then taking that next step; there's value in that.”

Vendors also position MDR within the context of business resiliency. “The ultimate step is not just being able to monitor, it's being able to protect,” MacKinnon commented. “So, moving away from saying ‘this is bad’ to saying ‘This is bad, we observed it as being bad, we know what's happening in the environment and we've put the band-aid on to protect.’”

MSPs are well-positioned to help customers with resiliency, in MacKinnon’s view.

“One of the big pieces when you talk about resiliency is order of execution for recovery. So, when you have an event, what do you want back first? Every business says ‘I want it all, I want it now.’ But the reality is, in order for a business to successfully come back online in the right order, you need to understand what are your most critical assets, what do you need to bring back online first?”

“This gets to the core foundation of the business, and then how do you build those layers in? That's where the MSP really can thrive because they understand the business, they understand how that business functions, they understand what data resiliency pieces they have in place, and often they have a plan for how to respond to some major event that occurred in that business.”

“And it doesn't have to be cyber related. I think everybody just assumes it's cyber related,” MacKinnon added. “If you lose your laptop, how quickly can we get it back? Understanding how much that impacts your business and how quickly can we get those pieces back sets proper expectation for recovery time objective and recovery point. So, how frequently do we need to back it up and then how much time can we afford to have that asset missing?”

“That's where I think N-able is in a prime position to sit down and help those MSPs foundationally come up with that plan for what they want their offering to be to their customers.”