How does the pricing compare, among Managed Detection and Response (MDR) providers?
In the video below, Mike how much MDR costs, per endpoint, whether or not they include remediation, and several other aspects of pricing you need to understand before shopping for an MDR solution for your organization.
Want to know which MDR providers your company should be quoting? Click the button below and ask Mike today.
About Mike
Mike Smith has been helping companies select the best telecom, WAN, security, and cloud services since 1999. He founded AeroCom in 2003, and has been the recipient of numerous business telecommunications industry awards, including being recognized as one of the top 40 business people in tech-heavy Orange County, CA. Follow Mike on YouTube, LinkedIn, Reddit and SpiceWorks.
Transcript
Your company is looking into a managed detection and response solution, an MDR solution. Maybe your company has realized that, hey, this cybersecurity thing is getting a little bit scary, and we’re a little understaffed internally, and it’s just time to give that out to another third-party company and let them handle it for us. Because we all know it’s really expensive to staff cyber security folks in house. It’s really hard to keep those people in house, and it’s really hard to just keep everybody trained constantly on cybersecurity, because it’s changing all the time.
So great idea to reach out to an MDR company, but you’re wondering, hey, how much does it cost? Maybe you’re just getting into this and maybe you’ve gotten one quote, but you’re wondering, what are the costs out there that we should expect as an organization to pay for an MDR service?
Great question, and I’ll answer that in a second.
Want a shortcut?
But before I do, just a quick plug. If you’d like my recommendations on the best managed detection and response providers to quote for your organization, don’t hesitate. Just contact me, shoot me an email, give me a call (714.593.0011). I’ve been doing this for 20 years. I can save you a lot of time and get you to the right vendors very fast. More information on that at the end of the video.
Per Endpoint?
Okay, so when it comes to managed detection and response pricing, there’s a few different things that you want to think about. The first thing that everybody wants to know is, how much does it cost per endpoint?
Well, I can tell you if you’re looking at things like endpoint detection and response, like EDR or XDR, you can find pricing as low as sub $20 per month per endpoint. So it’s not that expensive when you think about all the services that they’re providing. So there are fairly inexpensive options out there. You can even get close to $12, $10, depending on how many endpoints you have. Obviously it’s going to be different pricing if you have, say, 100 endpoints versus 100,000 endpoints. There’s going to be a lot different pricing involved there. So that’s why I’m giving you kind of a broad range. But that’s the first piece you want to think about is cost per endpoint. And it’s roughly a little less than $20 per endpoint if you’re getting good pricing.
Remediation?
The second thing you want to think about is remediation cost. Does the MDR service provider offer remediation services? So if you do have a breach and you do need remediation, does the managed detection and response company that you’ve hired handle remediation? And if they do, how much do they cost? Do they charge a retainer? A lot of times these companies will say, “Hey, we do remediation, but we require a $25,000 retainer up front.” Some of them say remediation is included in the service, which is obviously pretty big, but that’s going to be a more expensive service. So that’s something you want to think about is what’s your likelihood of a breach? Is it pretty high? Then you probably want to make sure that the MDR service includes remediation, or maybe you at least want to have a third-party company that can handle remediation ready to go, if that’s necessary, and if your MDR company doesn’t offer it.
Charge for Incidents?
Speaking of remediation, what about incidents? So not necessarily a breach, but a security incident. Does the MDR company include an unlimited amount of incidents, or do they charge you for, like, anything over five incidents in a month, they’re going to charge you for? Do they charge you hourly to handle that incident, to remediate that incident? So that’s something you definitely want to ask is, hey, if they detect something on the network, they detects some type of a problem, not necessarily a breach, but just something that you should be concerned about, that you want to handle that would be considered an incident. And what their definition of that is and how much they charge and how much is included, period. Is it unlimited or is it a certain amount of hours? And what is their charge for overtime on the hours?
SOC Analyst?
Something else that you want to think about is, does the MDR service involve a SOC analyst? A SOC analyst is someone who’s looking at all the logs coming in and not only letting the software determine, hey, what should we look at or not? But once there is something that stands out, once they’ve eliminated all the false positives and things like that, and if something comes through, do you have a live person who’s a security expert looking at all that stuff and determining, “Hey, is this something that we should be concerned about?” So that’s a SOC analyst. And does the MDR service that you’re quoting include a SOC analyst? And if so, are they charging you for it separate, or is it inclusive of the cost?
Fixed vs. Variable Costs
Lastly, what I wanted to cover is fixed versus variable costs. I’ve kind of touched on it on a lot of these points, but something again that you want to know up front is some service providers charge more of a fixed cost for everything, where some are more variable. So you really want to dig into the weeds on what is fixed with that service provider and what is variable in terms of the cost. And that’s a great question to just ask them right away is, “Hey, can you detail to me what costs are fixed and what costs are going to be variable?” So that you know all those things up front. Because when it comes to quoting an MDR service provider, it sounds pretty simple until you start getting into the weeds, and you start realizing, “There’s probably questions I don’t even know that I should be asking.”
So asking something like, “Hey, can you detail me the fixed versus variable cost?” will help reveal some of the things out there that you may want to be asking about and that you may just not be aware of. Obviously if you’re going to an MDR company, you don’t know every single thing about cybersecurity that there is to know. That’s why you’re hiring an outside company. So how do you know what questions to ask? So that’s kind of the rub there. But fixed versus variable will help you get to that point.
Which MDR companies should you quote?
I hope that was valuable. If so, please subscribe to the channel and give it a like. That would be a nice thank you if this was helpful to you. And again, if you’d like my recommendations on the best vendors to quote for managed detection and response, don’t try to research it on your own. It’ll take you way too much time, and you’ll probably find the wrong providers out there. There’s hundreds of them out there. So if you think you’re going to Google it and just wind up with the best ones, you’re wrong.
Instead, find somebody like myself, reach out, contact me via email or by phone (714.593.0011). I’m happy to help. I’ve been doing this for 20 years. So I’ll be able to ask you some qualifying questions, and based on your answers, I can narrow it down to the best three, four companies you should be quoting. And I’ll tell you why. And I’ll also introduce you to the right people within those companies to work with and help oversee the quoting process.
And the nice thing is, you might be asking, “Well, how much does this cost?” Well, the service providers, the MDR companies, pay me my broker fees, so you don’t have to pay me anything. So there’s absolutely no excuse not to at least reach out and see what I have to say. Again, I hope this video helped a little bit, and I will catch you on the next one.
Related Content
Managed Detection and Response Providers Comparison: Recording Network Activity
Your company is evaluating your cybersecurity needs, and you’re thinking of procuring a Managed Detection […]
Managed Detection and Response Provider Comparison: What is MDR?
What is MDR? Before we compare Managed Detection and Response providers, it's important to fist establish […]
MDR Provider Comparison: Should our mid-size company buy Microsoft Defender for Endpoint?
Should our mid-size company buy Microsoft Defender for Endpoint?
Mike continues his (MDR Provider […]
The Best Cybersecurity Awareness Training Vendors Do These 4 Things
Your company is trying to find a good cybersecurity awareness training vendor. But there are a ton of […]
Cybersecurity Insurance Requirements for EDR
Your company is applying for a cybersecurity insurance policy, but what are the requirements for EDR? These […]
5 Cybersecurity Insurance Requirements for Email Protection
Your company is in the market for cybersecurity insurance, but you’ve heard there are some specific […]