Managed security, the machine learning way

Ian Trump

Managed security is becoming an enormous source of potential revenue for MSPs and a huge relief for IT departments trying to stay ahead of threats and compliance issues. Well, this week managed security has become even more important to MSPs and IT departments. This week, managed security got clever – very clever indeed.

On Wednesday we launched LOGICcards, a major enhancement to LogicNow’s IT service management platform called MAXfocus. We now perform analytics on the data gathered from more than 12,000 MSPs, 175,000 networks, 2,000,000 endpoints and 12,000,000,000 emails. It’s the ultimate machine learning enabler as now 12,000 MSPs have access to the types of capabilities normally reserved for huge companies or the occasional (actually, very rare) MSP with a data science capability. This is a huge feature and capability for small and medium size organizations and is usually found for a much higher price. LOGICcards will be included as part of our existing dashboard.

The ‘flavour’ of analytics LOGICcards delivers is really important. It’s not descriptive analytics (telling you what’s already happened). It’s not even just predictive analytics (forecasting what’s likely happen). It’s prescriptive analytics - determining both what is likely to happen and recommending the best course of action for optimal outcome.

What does this mean? Well, in practice it means that, based on security posture, devices and threats, IT pros will be notified of potential security issues and compliance issues before problems arise, and advised how to address them in the best way for their organization. Let’s take a look at a real-life example of why prescriptive analytics will have a transformative impact on IT pros:

  • Preventive example: Adobe Flash Removal
  • Detective example: high number of General Protection Faults logged
  • Forensic: example: new software installed on server/workstation, administrative rights in use

These and many other LOGICcards provide valuable information that can increase security immediately, prevent security incidents from happening and identify when a security incident may be occurring. This is threat intelligence and threat mitigation rolled into an easy to use format in the world’s most popular Remote Monitoring and Management dashboard.

But what about the next stage? Well, we’re already on that:

  • Automated: The security update to address the XYZ vulnerability has been deployed to the following devices that have application ABC installed – your networks are secured against XYZ – sit back and relax!

There’s so much more to talk about on this subject – and we will, over the coming weeks – but for now I just wanted to share my excitement at the impact that machine learning will have on Managed Security, those who provide it and those who rely on it.