The market for managed detection and response (MDR) security services will reach $5.6 billion by 2027, which represents a 16.0% compound annual growth rate (CAGR) from 2022, according to MarketsAndMarkets.
The May 2022 research report is far more bullish than an August 2021 research report from Infinity Business Insights, which pegged the global MDR market at only $2.2 billion by 2027.
Still, both research reports pointed to similar CAGR growth rates for MDR security services. In fact, MDR now ranks among the core eight managed security services typically offered by MSSPs, according to Gartner. And more than 90% of MSSPs now offer some form of MDR services, according to the annual Top 250 MSSP survey results for 2021.
MDR Security Services: Competition, Cooperation, Definition
Next up, smaller MSPs need to figure out whether to build, buy or partner their way into the MDR sector.
Although MSSPs and MDR security providers occasionally compete, a growing number of MDR companies now offer partner programs for MSPs and MSSPs.
Gartner is tracking at least 40 MDR companies that have gained critical mass. Still, that Gartner list largely fails to address MDR companies that support MSPs and MSSPs in the SMB sector (names like Blackpoint Cyber, Huntress, Netsurion and Stellar Cyber come to mind).
According to Gartner’s definition, MDR services provide customers with:
- Remotely delivered modern security operations center (MSOC) functions.
- The functions allow organizations to “rapidly detect, analyze, investigate and actively respond through threat mitigation and containment.”
- A turnkey experience, using a predefined technology stack (covering areas such as endpoint, network and cloud services) to collect relevant logs, data and more.
MDR: Who Owns Incident Response Services?
Admittedly, MDR definitions can vary from one company to the next. Among the wildcards MSSPs and MSPs must keep in mind: Who ultimately is responsible for various Incident Response services -- and at what stage of the process?