The Security Monitoring Journey Continues Evolving
The more things change, the more companies still need to safeguard valuable information with a security monitoring strategy that secures, scales and simplifies
By: Ed Martin
The world constantly changes, and technology drives many of the differences in our lives from just a decade ago. Today we shop, make investments, watch videos and accomplish a million other tasks by using our smartphones and laptops. Our everyday existence – and the activities that fill those 24 hours a day – is far different than just a few years ago.
The process of providing security services also has evolved over time. Today's security organizations have witnessed the volume of data grow from a trickle to a waterfall. The areas of focus have changed from the edge of the infrastructure to multiple places in the network. And the challenge remains that today's steady state likely will be different in a few years – or months, or weeks.
A Flood of Data
The amount of data to monitor has grown as the digitally connected landscape expands. Across the past decade, the number of security events processed daily has increased 10-fold, forcing managed security service providers to develop agile, scalable processes to provide the protection and detection their clients need. Here is an example. A security company processing 20 billion events a day in the late 2000s could expect to process upwards of 220 billion a day today. If that same company was able to cull the number of events requiring human interaction down to 5,000 a day 10 years ago, it is unreasonable to think that number today would be 50,000. That would overwhelm a security staff, unless that staff also grew 10-fold (which we all know does not happen).
The Landscape is Complex
In addition to more data, there are more sources producing it. Companies today deploy a vast array of security products, far more than a decade ago. The landscape of a client's infrastructure is more complex than ever: according to a Cisco study released in 2015, the average large enterprise has 54-plus security vendors.
This requires managed security service providers to evolve their methods of monitoring for security events of interest. Once upon a time, watching the perimeter was enough. That evolved to scrutinizing east-west traffic flowing through your landscape. Today, security organizations must focus from the firewall to the endpoint and all spots in between. An environment composed of products that cannot “talk” to each other opens gaps that could be exploited.
Tomorrow is Here Today
And there is no slowing down the growth train. To compete in the global business environment, companies have to protect valuable assets and data. It can be a daunting task to go it alone, much like setting sail on the ocean without navigation guides, maps or weather forecasts.
Companies need security organizations to be forward thinking, scaling to meet ever-evolving regulatory compliance guidelines, smoothly integrating disparate security products and monitoring the changing cyber threat landscape for the latest threats. Companies that are agile in detective, investigative and reactive activities will play an even more critical role in cybersecurity as the future unfolds.
For all the changes in security services, there remains one constant: the desire to safeguard valuable information. And despite all the changes experienced in the past decade, the end result of a security strategy that secures, scales and simplifies is a beautiful sight.