Business Security
Why your business needs the best-of-breed combination of technology and human expertise
24 Nov 2025 • , 4 min. read
When I was in my mid-teens, I decided to get a job in a small local garage to learn how to maintain cars in preparation for owning my own. Years later, I was fortunate enough to have a company car. One day, it indicated that the oil was low and needed an oil and filter change. I knew what to do – I’d done that stint as a low-paid dogsbody in a garage. So, rather than booking it in (as I should have), I decided to drain the oil, change the filter, and refill with clean oil. I opened the bonnet.
What the hell is this?
I couldn’t recognise what was under there as any engine I’d seen just 10 years earlier. Undaunted, I jacked up the car and looked for the sump plug – the bolt underneath the engine that needs to be removed to drain the old oil. No sump plug! How do I get the oil out? After searching around for a while, I read the manual: oil changes could only be carried out by designated garages with the requisite equipment – in this case, an oil suction machine! I gave in and took it to the garage.
So what’s this got to do with cybersecurity – and a solution known as Managed Detection and Response (MDR)?
This story is analogous to the experience of many IT managers over the last 15-20 years. Once upon a time, they could maintain simple AV provision, tweak a few settings, and all was well. Today, what’s “under the bonnet” of advanced cybersecurity solutions is unrecognisably complex compared to yesteryear. This complexity isn’t by design – it’s by necessity. Cybercriminal networks and nation-state actors have developed ever more sophisticated tools and methods to bypass defences and extort money or disrupt services.
The technology advances in this arms race have, to a greater or lesser degree, left the generalist IT manager behind from a skills perspective. This isn’t their fault – nearly everything in modern businesses relies on IT, and security is just one small (but critical) part of the service they deliver.
Going back to my story about my (I like to think, valiant) attempt at self-maintaining my car: I’m akin to the generalist IT manager here – the tech got away from me, and I needed a specialist team to do what I used to be able to do. In today’s rapid escalation of cyberattacks versus cyber defences, the IT manager needs the skills of an F1 driver and a pit crew of multiple experts to deliver the necessary service.
XDR and EDR services are the F1 cars of the cybersecurity world – and many IT managers, security managers, and CIOs/CISOs just can’t drive them. That’s why Managed Detection and Response (MDR) services are often cited as the predominant way organisations will protect themselves. Earlier this year, Gartner forecast that up to 50% of all organisations will have adopted MDR by the end of 2025.
So, going back to the title, what’s the question?
Given that there are expert tools proven to significantly reduce the likelihood of a successful and damaging breach; that there are expert practitioners of these tools; that you are unlikely to have the requisite skills; and that you are unlikely to operate your own 24/7/365 SOC… if there was only one thing you could do to massively mitigate this risk to your organisation, what service would you implement as soon as possible?
It’s evident that the “treasure” available to cybercriminals and malicious nation-state actors by breaching defences has accelerated the sophistication of their tools and organisational structures. They are specialists – and MDR providers are too. MDR is no longer a “nice-to-have”; as many observers regularly highlight, it’s an imperative. Gone are the halcyon days of changing your own oil and installing a bit of antivirus software. MDR will, no doubt, be superseded – probably by MXDR – sooner rather than later, and this article could be rolled out again with a simple “search and replace” for MDR references throughout.
Sign up for our newsletters
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。