pdf

SecureWorks - going the mssp route - tco issues.pdf
Secureworks Going The Mssp Route Tco Issues

Paper discussing Total Cost of Ownership considerations for MSSPs.

This page contains AI generated content. Errors or omissions may be present. Use human level critical thinking.
  • Q: How does SecureWorks define 'Total Cost of Ownership' (TCO) for a SOC?
    A: It includes not just hardware and software costs, but also facility costs, power/cooling, recruitment, training, benefits, and ongoing tuning/maintenance.
  • Q: What is the 'economies of scale' argument for MSSPs?
    A: MSSPs can spread the cost of expensive threat intelligence, advanced tools, and 24/7 staffing across hundreds of customers, lowering the per-customer cost.
  • Q: What specific 'Hidden Cost' of in-house SIEM does the paper highlight?
    A: The continuous effort required to parse new log sources, create new correlation rules, and tune out false positives.
  • Q: How does the paper address 'Staff Attrition'?
    A: It argues that MSSPs are better equipped to handle turnover because they have a larger pool of analysts and established training pipelines.
  • Q: What is the 'Capital Expense' (CapEx) vs. 'Operating Expense' (OpEx) argument?
    A: MSSPs allow organizations to shift security costs to a predictable OpEx model, avoiding large upfront CapEx investments in hardware and software.
  • Q: What is the benefit of 'Global Visibility' offered by an MSSP?
    A: The ability to see attacks across a diverse customer base and proactively protect other customers from the same threat.
  • Q: How does SecureWorks counter the 'Loss of Control' objection?
    A: By offering customer portals that provide transparency into the alerts, tickets, and actions taken by the MSSP.
  • Q: What is the 'Time to Value' comparison?
    A: An MSSP can be operational in weeks, whereas building a mature in-house SOC can take 12-24 months.
  • Q: What is the '24x7x365' staffing challenge cited?
    A: The difficulty for most organizations to find and keep 10-12 qualified people willing to work nights, weekends, and holidays.
  • Q: What is the 'Focus on Core Competency' argument?
    A: That for most non-security companies, building a SOC is a distraction from their primary business mission.

Ask a question

Have a doubt or need clarification?



I’m here to help. Share your question, and I’ll get back to you with the guidance you need regarding the course.

Thank you!

I have received your message and I shall get back to you shortly.