Defragmentation of security with a platform approach
Cybersecurity executives and security teams are going through a difficult period. On the one hand, cyber attacks are at an all-time high with 8.5 billion records broken in 2019, and ransomware attacks are rising 67 percent year-on-year in the fourth quarter of 2019, according to the X-Force Threat Intelligence Index. On the other hand, security leaders are facing the problem of security complexity. According to a study by Forrester, the biggest problem security leaders have identified for their business is complexity.
During a recent webinar with Joseph Blankenship, Vice President and Director of Research at Forrester Research, and James Murphy, Senior Offering Manager at IBM Security, I had the opportunity to chat about the complexity of today’s security landscape. Blankenship’s conversation began nostalgically when he drew an interesting comparison between security complexity and a practice called defragmentation.
Defragmentation was a favorite pastime for computer junkies like me in the late 1990s. Users ran the “defragmentation program” on their Windows PCs to reallocate memory and use the computer’s main memory as efficiently as possible.
A complex ecosystem of security products
When we look at the ecosystem, we will see Point products that we have added over time to address individual use cases. In most cases, these Point products have different consoles, different syntax, and require specialized resources to manage. An effective security architecture requires products to work together to share telemetry data, identify and fix vulnerabilities, meet compliance requirements, and more. Unfortunately, this does not happen in the current environment, a problem that becomes more expensive to manage.
Blankenship gave a unique perspective on this and introduced a concept that I think is helpful: cost in depth. Because organizations buy all of these individual Point products, they have spent their budgets on capital expenditures and operational expenses, and much more on the skilled personnel to manage the products and their integration, to the point that these expenses are layered on top of each other. In other words, the resources needed to manage each layer of technological overhead exceed the return on investment.
How a security platform can help reduce complexity
One of the ways to mitigate the challenge of having too many tools, too much data and too few resources is to have a comprehensive security platform. Simply put, implementing a security platform is a way to hide all the complexity from the user and provide the user with a single console from which to work, with the platform managing all integrations internally.
In our conversation, Blankenship discussed the different models of security platforms and some of the most important features organizations should look for: offering new features without a new installation, supporting both open source and commercial tools, eliminating the work of manual integrations, and much more.
After talking about common security challenges and possible solutions, and examining security platforms in detail, Murphy gave an overview of how IBM is addressing security complexity with IBM Cloud Pak for Security, a security platform that helps security professionals identify hidden threats, make informed, risk-based decisions, and prioritize team time.
The webinar we recorded includes a quick demonstration of Cloud Pak for Security so viewers can see it in action and better understand how the platform brings security data and workflows together into a unified experience without the need for data migration.
A Worthwhile Discussion on the Value of Security Platforms
I learned a lot from that conversation and enjoyed it. It was beneficial to hear Blankenship outline the common security challenges based on customer interactions and his unique perspective on their solution. I liked the link to defragmentation as well as the numerous references he made to Star Wars and Lego sets. Having listened to Blankenship’s presentation and walked through the benefits of the platform, I could easily see how Cloud Pak for Security is a unique solution that can help address many of the challenges in today’s industry.