Security is a shared responsibility between MSSPs and their clients. Yes, the provider was hired to do a job -- be it SOC operations, threat intelligence or offensive security -- but part of the job is also to consult and communicate with the client to help them gain some degree of cyber self-sufficiency. This discussion will reveal how providers can teach their clients how to develop a secure corporate culture, how to share responsibility and accountability for security matters, and how to broaden their security awareness through partnerships with professional development organizations and information sharing groups.

To what extent should compliance with privacy and security frameworks -- whether imposed by government bodies or industry standard organizations -- be the decisive factor when MSSPs choose their tech stacks and craft their threat defense strategies? Meanwhile, are would-be MSSP customers deciding which managed services provider to hire largely based on their compliance needs, or are they more influenced by other market forces and threat trends? And for those organizations who ARE building their managed services strategies around compliance, which frameworks, laws or standards should be highest priority? This segment will offer important perspectives on these key questions.

Show Notes: https://securityweekly.com/cfh13