The State of Cybersecurity and Confusion

March 20, 2015  |  Jaume Ayerbe


The brilliant mind of Gabriel García Márquez, known affectionately as Gabo, produced a short and vivid quote:

Wisdom enlightens us when it is not useful anymore

Obviously he was not thinking about the chores you probably have to deal with in your day job, yet I would agree: it is a very confusing time to be an IT or security practitioner. A firewall and an antivirus are no longer enough to secure your business workplace.

In conversations with customers across Argentina, Brazil, Colombia and Spain, I have been able to sit down with world-class security professionals, second to none. The vast majority of them struggle to handle a world-class Security Information and Event Management (SIEM) solution, plus a world-class Intrusion Detection System (IDS), plus Vulnerability Assessment, plus Threat Intelligence, plus … you name it, on a 24x7 basis, all while knowing that attackers will go for you at your weakest hour.

Let me be clear: the problem is with the industry, which provides so many excellent technologies but only fragmented solutions. Just to give you an idea of the size of the InfoSec industry, at this year’s RSA Conference there are 64 Sponsors and 403 Exhibitors. Sure, every industry has specialties that call for specialized solutions to particular problems; regardless, this seems an excessive and overwhelming number of vendors if you are in the market to purchase security software.

The question is not whether customers can afford to acquire a range of cybersecurity solutions; it is whether they can afford to operate such a scenario. Customers tell me all the time how they struggle to keep their personnel trained on a set of solutions from different vendors, to keep all the solutions updated, and to interconnect them so they work as one. They realize it’s no good to understand (after the fact) that you had evidence in your log files that an attack was being executed, but since you failed to interconnect your technologies, that indicator was missed in the sea of alerts. According to a Verizon report, 84% of breached organizations had evidence in their logs. Here is where Gabo’s words kick in: what use is the newly acquired wisdom of how the attack developed?

It is always a pleasure to meet with a prospect and share the uniqueness of AlienVault Unified Security Management (USM). The AlienVault USM platform brings all the security controls together in one single console. It includes over 30 open source security solutions orchestrated and integrated to work as one. In addition, the Threat Intelligence from a community of over 11,000 users across 140 countries, enriched with the tireless work of the AlienVault Labs, is included as part of the solution. Honestly, the chances of being attacked are so high that, rather than continuing to invest in protection, we should think about how we could effectively detect when we are being penetrated and, of course, respond very quickly, all without breaking the budget.

Not enough? In most Latin American countries we have partnered with a network of local security services companies and a carefully selected Managed Security Service Provider network to provide SOC services, whether full time or after regular office hours. So you can focus on growing your business and not on dealing with a mess of fragmented solutions. Check out our “Find a Partner” page. Or, contact our team and we’ll figure it out and hook you up with a suitable partner.

How many security products do you have? Or, do you have a great story around your usage of USM? We would love to hear it.
