Looking for a Warranty from an MDR Provider? Ask These Key Questions

Managed Detection and Response (MDR) helps ensure organizations are protected against advanced cyberattacks. That protection often comes with a warranty to back up those services.

Warranties provide financial protection for organizations if they are the victim of an attack or breach. The policies often cover the costs associated with responding to and recovering from a cybersecurity incident.

“The MDR provider will incur costs you would have incurred,” says Sally Adam, Senior Director at Sophos. “The warranty extends a further peace of mind.”

But how reliable is the assurance these policies claim to provide? Not all warranties are created equal. How should security leaders who are looking at MDR service warranties evaluate these offerings?

“Look at the details behind headlines,” says Adam. “What are you actually getting?” It’s essential to look at the following criteria to ensure the warranty will serve its purpose in the event of a breach.

1 – How much coverage do you really get with the warranty?

This can often trip customers up because they fail to look at the fine print, Adam notes.

“A lot of organizations say customers get an up to $1 million coverage. But then, when you look closer, you realize that amount is only for organizations of a certain size. They may only offer a smaller organization one-tenth of that because they have service tiers that cap coverage. Or that you need to buy an additional service in order to qualify for that for that full amount,” says Adam.

2 – How long does the warranty coverage last?

A quality warranty covers the length of the subscription, but many vendors only provide protection for the first year of your contract, says Adam. “That’s far less valuable than one that covers your full subscription term, and it also demonstrates less confidence from the vendor in their own offering.”

3 – Who qualifies for coverage?

This is another place where buyers may be mistaken. “Some breach warranties are only available for brand new customers, but not for those loyal customers who renew their subscription, which again takes away the value of the warranty,” she notes.

4 – What kind of devices does the warranty cover?

Most organizations likely have a mix of both Windows and Mac OS devices. Make sure your warranty covers all types of devices for comprehensive coverage, she notes.

5 – What does geographic coverage contain?

Some policies only provide coverage for North America, which can be a problem for many international organizations.

“It’s important to ask: ‘Does it cover Latin American? Or if we have offices in Europe, or Japan, will it cover us there?’” says Adam.

6 – What kind of expenses does it cover?

Many organizations are shocked to learn that certain expenses aren’t covered after they have been hit by a breach. A solid warranty will cover obvious expenses like ransom payment, but also other costs, like breach notifications or public relations, Adam notes.

Want to ensure you are covered for the many expenses associated with breach or attack, wherever you are geographically? The Sophos Breach Protection Warranty covers up to $1 million in response expenses in many regions around the world.

Learn more about the warranty by visiting the Sophos web site today.