1. REA CYBER SERVICES & DATA PROTECTION
MSP V. MSSP
Jun
2021
Shawn M Richardson, US Army (Ret)
Principal, Cyber Services | Rea & Associates, Inc.
shawn.richardson@reacpa.com
O: 234-249-3478 | M: 614.554.3450
CONFIDENTIAL

2. 2
Presenters
Shawn M Richardson, US Army (Ret)
Principal, Cyber Services Segment
Dublin, Wooster offices
Director of MSIT, Cyber Security
Services
Trusted Advisor, Speaker, Thought
Leader

3. 3
Presenters
Jorn Baxstrom, Manager
Manager, Managed Security & IT
Services (MSIT)
Wooster Office
Trusted Advisor, IT Services Veteran

4. AGENDA
 MSP vs MSSP
 Mission and Purpose
 CIA Triad
 What are the differences?
 What is a SIEM & MDR?
 How They Work Together
 Managed Security & Information Technology Services (MSIT)
 Intro to MSSP + TOA = MSIT | Security First
 Conclusion
 Questions
4
CONFIDENTIAL

5. REA CYBER SERVICES IMPACT STATEMENT
As Rea Ambassadors, quality counts. We all can
take ownership of this cyber epidemic by showing
others you care and let your listening fuel action.
Share your ideas and vision with not just your
clients but also your colleagues. Never stop
learning. Our learning will drive change within the
world of Cyber and protect our clients networks
from the ever-evolving treat-landscape.
5
CONFIDENTIAL

6. MSP V. MSSP | MISSION & PURPOSE
MSP – Managed Services Provider
 Managed Service Providers are the practice of outsourcing the
responsibility for maintaining, and anticipating need for, a
range of processes and functions of IT in order to maintain
operations (keep the lights on), improve efficiencies, and cut
expenses. Availability
6
CONFIDENTIAL

7. MSP V. MSSP | MISSION & PURPOSE
MSSP – Managed Security Services Provider
 A managed security service providers sole focus is to detect
and protect against ongoing threats. A firm providing
continuous managed security services coupled with best-in-
class information technology is a “Trust Oriented Approach”.
 Common services include continuous monitoring, threat
hunting, managed firewalls, vulnerability scanning and
manage/detect/respond (MDR) services to protect enterprise
data, identities, and reduce overall cost to the business.
Confidentiality & Integrity
7
CONFIDENTIAL

8. MSP V. MSSP | CIA TRIAD
8
CONFIDENTIAL
Confidentiality:
Protect sensitive, private
information from unauthorized
access. Confidentiality is
dependent on being able to
define and enforce certain access
levels for information organized
by who needs access to the
information and sensitivity of the
information.
Integrity:
Designed to protect data from
deletion or modification from
any unauthorized party and
ensures when an authorized
person makes a change that
should not have been made the
damage can be reversed.
Availability:
Availability of systems and
computing resources that have
architectures specifically
designed to improve
availability. This covers
hardware failures, upgrades or
power outages, or managing
several network connections to
route around various network
outages.
Principles of
Information Security

9. MSP V. MSSP – WHAT ARE THE DIFFERENCES? 9
Management,
Implementations, &
Outsourcing
Value Added Resellers
(VAR)
Selling Products
Stop Breaches
Continuous Security
Monitoring
CONFIDENTIAL
Managed Services Provider

10. MSP V. MSSP – WHAT ARE THE DIFFERENCES? 10
Stop Breaches
Continuous Security
Monitoring
CONFIDENTIAL
Managed Security Services Provider

11. WHAT IS A SIEM? 11
SIEM stands for Security
Information and Event
Management. SIEM
products provide real-
time analysis of security
alerts generated by
applications and network
hardware.
Security software
packages ranging from
Log Management
Systems to Security Log /
Event Management,
Security Information
Management, and
Security Event
correlation. These
features are combined
for 360-degree
protection. CONFIDENTIAL

12. WHAT IS MDR? 12
MDR stands for
Managed
Detection and
Response (MDR),
which is a
managed
cybersecurity
service that
generally
provides a 24/7
service for threat
detection,
response, and
remediation.
CONFIDENTIAL

13. MSSP + TOA = MSIT
Trust Oriented Approach
Building trust starts with leading with security first, reducing risk
to the business by:
 Learning the business to grow them safely
 Performing annual risk assessments
 Building mature cybersecurity programs
 Continuous 24x7x365 monitoring
This approach improves the overall security “health” within
businesses and allows for growth safely without compromise.
13
CONFIDENTIAL

14. MSSP + TOA = MSIT (CONT)
The digital transformation has evolved rapidly over the
last two decades. This transition has forced businesses to
find ways to cut costs and improve efficiencies. In most
cases, MSPs focus on availability, not confidentiality or
the integrity of data, systems, and networks. Additionally
for the last decade, security providers have been selling
solutions without understanding the business FIRST.
Then analyzing the most important assets within their
business; the data.
14
CONFIDENTIAL

15. MANAGED SECURITY & IT SERVICES = MSIT
15
Management,
Implementations, &
Outsourcing
Value Added Resellers
(VAR)
Selling Products
(As needed)
Stop Breaches
(MDR)
Continuous Security
Monitoring
(SIEM)
CONFIDENTIAL
Rea Cyber Services is
‘security focused’
working together
seamlessly with
governance, risk, and
compliance combining
best-in-class IT with
layered security and
continuous monitoring.

16. 16
CONFIDENTIAL

17. CONCLUSION
As Rea Ambassadors, quality counts. We all
can take ownership of this epidemic by
showing others you care and let your listening
fuel action. Share your ideas with not just
your clients but also your colleagues. Invest
in your family, your community and your
future. Never stop learning.
17
CONFIDENTIAL

18. 18
Conclusion
CONFIDENTIAL
Shawn Richardson
Principal & Director
Dublin & Wooster Offices
Direct Line
234.249.3478
shawn.richardson@reacpa.com
Jorn Baxstrom
Manager
Wooster Office
Direct Line
234.249.3451
Jorn.baxstrom@reacpa.com

19. 19
Conclusion
CONFIDENTIAL
Thank you!
Questions???