How Does Managed Detection and Response (MDR) Work?
A clear, direct answer to this question — written for UK business owners and IT decision-makers.
Direct Answer
MDR (Managed Detection and Response) combines EDR tooling with a 24/7 human SOC team who monitor alerts, investigate threats, and respond to incidents on your behalf. When a threat is detected, the SOC analyst contains the affected device within minutes, investigates the root cause, and guides remediation — replacing the need for an in-house security team.
Key Points
What you need to know.
The Short Answer
21% of businesses that experienced a breach reported a negative outcome such as loss of money or data.
For UK Businesses
7% of businesses that experienced a breach reported temporary loss of access to files or networks — up from 4% in 2024.
Cost Considerations
The NCSC handled 429 total incidents in 2025, with 204 classified as nationally significant — the highest-ever number.
Next Steps
What you should do with this information.
Quick Comparison
| Feature | Option A | Option B |
|---|
Frequently Asked Questions
MFA requires two or more verification methods to access an account. Microsoft reports that over 99.9% of compromised accounts did not have MFA enabled. Only 40% of UK businesses have two-factor authentication enabled (DSIT 2025). MFA can prevent more than 99.9% of account compromise attempts.
The average cost of the most disruptive breach is £3,550 for UK businesses. For businesses that experienced negative outcomes such as data loss or financial theft, the average cost rises to £8,260. Medium and large businesses face average costs of £10,830 per disruptive incident.
The top threats are phishing (85% of breaches), ransomware (doubled year-on-year), business email compromise (increased 33% in 2025), and supply chain attacks (35.5% of all breaches now originate from third parties). AI-powered attacks are accelerating all of these threat categories.
BEC is a type of fraud where attackers impersonate executives or suppliers to trick employees into transferring funds or sharing sensitive data. BEC attacks increased 33% in 2025. The average loss per BEC incident is $137,000. Even organisations with fewer than 1,000 employees face a 70% weekly probability of a BEC attempt.
Ransomware is malicious software that encrypts your data and demands payment for its return. Approximately 19,000 UK businesses were hit by ransomware in 2025. The median UK ransom demand has doubled to $5.37 million, and average recovery costs reach $2.58 million excluding the ransom itself.
Need More Detail?
Speak to an AMVIA expert for advice tailored to your business.
Related Questions
MDR vs EDR
How managed detection and response differs from standalone endpoint detection and response tools.
Cybersecurity Guide for UK SMEs
A complete guide to cybersecurity controls including MDR and SOC monitoring.
How Much Does Managed Cybersecurity Cost?
Per-user pricing for MDR and managed security services for UK businesses.
Endpoint Security Service
EDR-based endpoint protection that forms the technology layer beneath MDR monitoring.