While the amount invested into security programs differs across different organizations, the areas of investment shouldn't.
Whether it's trying to support the business, mitigating risk, or managing disruptive technologies, every organization has a common thread that drives the opportunity for security program improvement.
In this video Hadi Hosn, SecureWorks Head of Security Strategy and GRC Consulting in EMEA, gives a quick overview of three important areas of investment that are key to improving security strategy based on SecureWorks client engagements across the world.
Top 3 opportunities to improve security programs for our clients are consistent across the clients that we see. So we see one of them is investing in managed security services and threat intelligence. Organizations want to focus their resources on strategy, on innovative technology and trying to find new ways of doing business and supporting the business. They want to be able to work with partners who are carrying out the operational tasks and bringing in threat intelligence and operationalizing the security services for that organization so managed services is really one of the key investments we see nowadays.
Another investment, is an investment on the endpoint past the antivirus state. Antivirus as we said is very signature based and if we haven't seen a threat before, antivirus will not pick that up. Think about this analogy if a bank guard lets a robber in just because the police hasn't released a description of what a robbery suspect looks like, really that's not the right way to do security. The bank guard needs to be smart and needs to have an idea of what a robbery looks like and build on that behavior to try to identify that threat and try to mitigate it. And that's where investments are going nowadays with our clients. It's trying to build an analytics and a behavior engine on that endpoint.
The third investment or the third improvement to security programs is around how a client addresses the cloud and how do they address the new disruptive technologies. And this could be through workforces that are flexible. So we see organizations coming to us and asking if we have solutions to help them manage their disruptive technologies around mobile, cloud and different security operations. And we've built a center of excellence out of Romania that addresses a number of these challenges. Clients really like that proposition and they're starting to invest more into it and their security programs nowadays.
We generate around 2 billion events each month. With Secureworks, we are able to crunch down that number to 20-30 high fidelity alerts — and that makes my team's job much easier.
Sunil Saale, Head of Cyber and Information Security, Minter Ellison
Red Cloak™ Threat Detection and Response isn’t just the next generation of SIEM, it’s an evolution.
David Levine, CISO, Ricoh Group
The old approaches to cybersecurity are no longer adequate. It’s time for something new. Layered defenses can create almost as many problems as they solve, and security teams struggle to keep up with the threat. What you need is context across all your layers of defense with the right people, processes, and technology working together in concert. That’s how Secureworks can help. Using 20+ years of industry knowledge, advanced analytics, industry-leading threat intelligence, and the network effect of more than 4,000 customer environments, we provide world-class cybersecurity solutions to customers around the globe. This unmatched experience empowers our customers to be Collectively Smarter. Exponentially Safer.™
Our Managed Detection and Response (MDR) solution is comprehensive, powered by our cloud-native software Red Cloak™ Threat Detection and Response that uses AI and machine learning to deliver better outcomes for your security operations. MDR unifies telemetry from your existing security technology to maximize visibility, reduce complexity, and enable you to move at the speed of the threat. Learn more about how Managed Detection and Response uses contextualized visibility to improve your organization’s security posture.