6 Questions about MDR with At-Bay’s Travis Mercier

In April 2024, Travis Mercier joined At-Bay as the new Head of Managed Detection and Response (MDR). He brings a wealth of technical and security expertise to our growing Stance™ MDR team. 

Mercier spent the first decade of his career in IT. During this time, the puzzle-solving, psychological, and human-factor elements of the burgeoning cybersecurity field caught his attention. Starting in 2013, Mercier began to focus on MDR, and he worked at various cybersecurity companies including EY’s Advanced Security Center, CrowdStrike, Rackspace, and BlueVoyant. His prior roles included designing Security Operations Centers (SOCs) for various Fortune 500 companies, leading Digital Forensics and Incident Response (DFIR) strategy, and building multiple MDR products.

We spoke with Travis to learn more about his career and MDR insights. Here’s what he had to say:

1. How would you describe what you do to someone outside the security industry? 

My job is to reduce the risk of a cyber incident for our clients and partners, and, if an event does occur, to minimize the resulting impact. 

More specifically, my mission at At-Bay is to continue building a highly efficient and effective security operation that can monitor organizations in real time and respond to security events as they occur to mitigate and minimize our customers’ exposure. This includes staying up-to-date with trends and technologies and evolving At-Bay’s approach over time to keep pace with attackers — so our customers can focus on their business objectives and the things that matter most to them.

2. What do you like most about your work?

The number one reason I work in security is to help people. I get so much satisfaction from being able to provide clarity and guidance in scenarios where people really need it.

A cybersecurity breach can be the worst day of someone’s career, but being able to help people manage various situations and reduce the impact has meant a lot to me over the years. Working in MDR, I can keep my eyes on risk around the clock so that my clients don’t have to worry themselves. The number of times I’ve spoken with clients and they’ve said, “Having you and your team here helps me sleep at night” — that really resonates with me, because I know it’s true. 

3. Why did you decide to join At-Bay?

I really believe in At-Bay’s mission. Over my career, I’ve seen how mid-size and emerging businesses struggle the most with security and cyber risk, so I know that’s the segment where I can make the biggest impact. 

Helping emerging businesses is a goal I’ll always subscribe to. 

4. What do you hope to achieve in your first year at At-Bay?

Cybersecurity is a mile-wide industry, encompassing many different areas of expertise. My primary goal is to have an informed opinion and helpful advice for our MDR customers on all the various subject matters. 

Whether it’s exposures in the attack surface, vulnerabilities inside the environment, evolving threats and attack methods, incident response, future security posturing, or configuration guidance — I want to maintain an up-to-date approach to all those areas in my first year at At-Bay and throughout my time here. 

5. Why is MDR an important part of cybersecurity, especially for small businesses? 

Cyber risk doesn’t discriminate — it affects all organizations regardless of size. Yet security is not created equal. While large enterprises often have massive security budgets and entire teams dedicated to security, smaller businesses face the exact same problems without the budgets or in-house expertise necessary to protect their environments. There’s also a skills shortage: There simply aren’t enough trained cybersecurity professionals who can do this work full-time for all the companies out there. 

An MDR service can step in to manage risk and provide robust security capabilities and defensive measures, basically serving as a CISO and SOC for companies that don’t have their own. 

6. What should businesses look for in an MDR service? 

There are dueling opinions on what MDRs are, and the easiest way to distinguish between the two is to separate them into “lowercase r” and “capital R” categories. Both provide managed detection but differing levels of response.  

“Lowercase r” MDR services send recommended actions for users to take based on detected threats. Ultimately, this still generates work for businesses that in-house teams may not have the capacity to handle. Plus, say there’s an active alert at 2 a.m. — that may sit unaddressed until whoever is responsible for security at the company wakes up and sees it. 

On the other hand, a “capital R” MDR provider actually takes remediation and response actions on behalf of customers to engage and contain threats as soon as they’re detected. This is the type of MDR service At-Bay provides. An active, “capital R” approach resolves issues and minimizes impact without putting the onus on customers. 

The best way to distinguish between these two types of MDR is to inquire whether providers simply provide alerts or take action to resolve threats. Always ask, “If I engage your services, how will that make my company better?” By gauging how a provider will move the needle on your cybersecurity posture, you can determine whether it’s the right fit. 

Interested in learning more about At-Bay Stance MDR? Read about it here or schedule a meeting with our team.