- Douglas Williams
Are your Security tools working against you?
When it comes to Security, there is a new shiny tool probably every few months. There is another new vendor who has the “New Right Tool for You” -- but what about your current Security Investments?
What about the solutions you currently own and are invested in? As a two part series; within this first article, I will share my experience and lessons learned in describing the reasons it is so important to invest in the right tools for YOU! For your security infrastructure. In the second article, I will show by example, the benefits of having a “Collaborative Security Fabric”.
I often find Security teams adding more tools to their arsenal without an increase in headcount. This leads to another console, more manual intervention and eventually some of these tools will rarely be utilized. Typically, the goal of adding more tools is to (1) Increase visibility into unsecure areas, (2) To be proactive and locate threats as soon as possible and in many cases before they have time to infiltrate, and (3) Most importantly, assisting with the ability to mitigate and remediate quickly.
When we have tools that we rarely use, it needs to be addressed. Otherwise, when there is a security issue; teams or more likely one person, is scrambling to get the data they need. I often get calls to assist with locating this data and that is fine. This is my passion; however, time after time I see that the customer isn’t getting the full benefits from a “Collaborative Security infrastructure”; they are losing time and confidence again and again due to a collection of disparate tools.
The biggest gains coming from a Collaborative Security infrastructure start with a good portion of your security components forming a native Security Fabric while still having 3rd party devices using connectors. I know there is a lot of discussion around Security Orchestration, Automation, and Response (or SOAR) but I am specifically discussing what you can do right now with your current tools, right out of the box. Once again, this typically only requires additional education. The use of a native Security Fabric brings value TODAY.
The Security Fabric can reduce the number of consoles, configuration time and less time troubleshooting. We will give an example of this in our second article.
Didn’t we buy these tools in the first place to locate threats quickly and without having to waste time troubleshooting the tools themselves?
The blames lies not just on understaffed teams but on vendors and trusted advisors (partners). The large amount of marketing alone makes it difficult for the customer to decide which products are best. Many companies are touting the same message but with a different twist. Startups are touting they can save the world and they can be quite convincing. It’s a lot to take in and process.
This leads to the consumer purchasing Security tools from an existing vendor just because they have familiarity with then. Because they “know them already.” All that can be expected from the customer is that they research the best they can and conduct the occasional PoC where time and resources permit. One of our goals, here at Quantum Networks, is to help reduce the current frustration that customers have with their security tools. Through education and the correct strategy, morale is likely to be increased allowing for a more positive and productive experience.
A true trusted advisor, assists their customers (partner) with better education before and AFTER the implementation.
If you don’t have a partner who can be brutally honest with you and dig in, then it would be beneficial to identify any gaps in your current partner relationships. Let’s take a step back and get to the original dilemma of your current Portfolio of Security Tools.
Do you truly understand the features and capabilities that they offer?
Do you know how well or if they work with other devices from a different manufacturer?
Do you currently have a Collaborative Security Infrastructure environment? (This is a big one!)
These questions should be asked and understood BEFORE purchasing new tools. If you don’t know the answers to the above questions then you are very likely to purchase another tool to manage when an existing tool could have done the job with a little more education.