Why your business needs the best-of-breed combination of technology and human expertise
24 Nov 2025

When I was in my mid-teens, I decided to get a job in a small local garage to learn how to maintain cars in preparation for owning my own. Years later, I was fortunate enough to have a company car. One day, it indicated that the oil was low and needed an oil and filter change. I knew what to do – I’d done that stint as a low-paid dogsbody in a garage. So, rather than booking it in (as I should have), I decided to drain the oil, change the filter, and refill with clean oil. I opened the bonnet.
What the hell is this?
I couldn’t recognise what was under there as any engine I’d seen just 10 years earlier. Undaunted, I jacked up the car and looked for the sump plug – the bolt underneath the engine that needs to be removed to drain the old oil. No sump plug! How do I get the oil out? After searching around for a while, I read the manual: oil changes could only be carried out by designated garages with the requisite equipment – in this case, an oil suction machine! I gave in and took it to the garage.
So what’s this got to do with cybersecurity – and a solution known as Managed Detection and Response (MDR)?
From pit lane to server room
This story is analogous to the experience of many IT managers over the last 15-20 years. Once upon a time, they could maintain simple AV provision, tweak a few settings, and all was well. Today, what’s “under the bonnet” of advanced cybersecurity solutions is unrecognisably complex compared to yesteryear. This complexity isn’t by design – it’s by necessity. Cybercriminal networks and nation-state actors have developed ever more sophisticated tools and methods to bypass defences and extort money or disrupt services.
The technology advances in this arms race have, to a greater or lesser degree, left the generalist IT manager behind from a skills perspective. This isn’t their fault – nearly everything in modern businesses relies on IT, and security is just one small (but critical) part of the service they deliver.
Going back to my story about my (I like to think, valiant) attempt at self-maintaining my car: I’m akin to the generalist IT manager here – the tech got away from me, and I needed a specialist team to do what I used to be able to do. In today’s rapid escalation of cyberattacks versus cyber defences, the IT manager needs the skills of an F1 driver and a pit crew of multiple experts to deliver the necessary service.

XDR and EDR services are the F1 cars of the cybersecurity world – and many IT managers, security managers, and CIOs/CISOs just can’t drive them. That’s why Managed Detection and Response (MDR) services are often cited as the predominant way organisations will protect themselves. Earlier this year, Gartner forecast that up to 50% of all organisations will have adopted MDR by the end of 2025.
So, going back to the title, what’s the question?
Given that there are expert tools proven to significantly reduce the likelihood of a successful and damaging breach; that there are expert practitioners of these tools; that you are unlikely to have the requisite skills; and that you are unlikely to operate your own 24/7/365 SOC… if there was only one thing you could do to massively mitigate this risk to your organisation, what service would you implement as soon as possible?
Why MDR is the strategic advantage IT teams need
- You can’t do this on your own! The days of manually configuring firewalls and scanning logs are gone. Modern threats require specialist tools and expertise. MDR provides both, allowing IT teams to focus on broader business priorities without compromising security.
- IT generalists – and even security managers – wear many hats. Attackers have one job, and they do it round the clock! Cybercriminals operate like elite racing teams – using automation, AI, and coordinated tactics. MDR levels the playing field by bringing in dedicated professionals who understand the threat landscape and can respond in real time.
- Visibility and speed are critical: Just as milliseconds matter in racing, response time is everything in cybersecurity. MDR platforms detect anomalies instantly and act decisively – often before internal teams even notice an issue.
- The skills gap is growing – and you need to match the threat 24/7/365: Most IT departments are stretched thin, and recruiting top-tier security talent is expensive and competitive. MDR fills this gap with scalable, expert-led services that adapt to your organisation’s needs.
- Enterprise-grade protection for any size organisation: Building an in-house Security Operations Centre (SOC) is costly – so costly that it’s out of reach for the vast majority of organisations. MDR offers the same level of protection – without the overhead – making it accessible to SMEs and large enterprises alike.
Conclusion
It’s evident that the “treasure” available to cybercriminals and malicious nation-state actors by breaching defences has accelerated the sophistication of their tools and organisational structures. They are specialists – and MDR providers are too. MDR is no longer a “nice-to-have”; as many observers regularly highlight, it’s an imperative. Gone are the halcyon days of changing your own oil and installing a bit of antivirus software. MDR will, no doubt, be superseded – probably by MXDR – sooner rather than later, and this article could be rolled out again with a simple “search and replace” for MDR references throughout.

