modern-tech

Securing A Mid-Sized Enterprise: When A Little Assistance Goes A Long Way

Securing A Mid-Sized Enterprise

There is no longer any subjectivity in this statement: security is at the top of list for all CIOs. Every meeting I’ve attended over the last three months has been dominated by the topic of security and when it’s injected into the conversation, it’s not necessarily by my team, but the customer.

Security has been a hot topic for the last three years beginning when prime time news displayed the list of Fortune 500 logos that had fallen victim to foreign hackers. As with most IT trends, the mid-sized enterprises have followed their larger counterpart’s actions driving their current interest in and need for heightened security. Though this need has been met with confusion, questions and sighs on how to achieve the goal of increasing security and thereby adherence to compliance.

Why the confusion?

security-confusion

Security is a combination of education with the usual people, process and technology equation. For the medium size enterprise this can be a tough equation to solve given limited resources and budget. With the demand for security engineers increasing by 74% over the last three years and 30%-40% of security projects ending up in failed implementations, demonstrating no value to the enterprise, it is easy to see why. So, how do security managers succeed with the odds seemingly stacked against them?

Closing The Security Gap

There are two forces crossing in the industry, which if leveraged appropriately, can help enterprises close their security gap. First, from a technology perspective we are at a point where products have matured to the point where consolidation is possible without the loss of protection. The features of many point products which have emerged over the last three years are now being rolled in as features on existing products such as firewalls or other perimeter security products. By leveraging the mature vendors that offer various security products on a single platform administration effort is lowered while integration and security intelligence is heightened.

One example of this is the concept of “sand boxing” web traffic or email traffic and watching to see if malicious activity occurs. If so, the traffic could be sanitized or blocked.

Sandboxing-Cyber-Attack

(Infographic Source: Fortinet.com)

When this technology first arrived it was introduced by market disruptors and a was a new platform to be absorbed by the security staff. Today, the same feature is now part of many firewalls and web security gateway products that are already in place. A feature to be turned on rather than a new platform to be learned. So the point to take away is look to simplify the management while gaining better integration and security intelligence by consolidating security features on a common product platform.

Managed Service Providers

The second force, driven by Cloud services, is the many Cloud Enabled Managed Service Providers now offering managed security services. These providers can offer managed firewall, IPS, SIEM, web security and email security solution reducing the number of security engineers required to be staffed by the enterprise which solves the staffing shortage for them. In addition to offering the technology to provide these services, the main advantage gained with MSPs is solid process and methodology which assures these tools will provide business value and be successfully implemented.

Virtual Security Officer

Another offering proven to be useful is the VCISO or Virtual Security Officer. Enterprise of medium size often cannot afford a dedicated CISO but still have the need for the position. By contracting with a provider that offers a VCISO, an enterprise can gain access to a CISO skillset for a fraction of the cost of hiring one.

In closing, budget constraints and staffing issues are real barriers and have stopped many companies from achieving their security goals.

Seize the moment, assess your current security environment and look for ways to consolidate and simplify security platforms to gain the most value. Then look to fill the gaps with technology, people and process with qualified service providers. Pay special attention to those providers that bring the process and methodology to assure success in the technologies they represent as that is as important as the technology itself. Filling your CISO role with an on demand VCISO can address your CISO needs in an economical and efficient manner.

Marc Malizia

Marc Malizia

Marc Malizia is co-founder and CTO of RKON Technologies, responsible for the company’s overall technical vision and strategy. Since he helped start the company in 1998, Malizia has played a key role in creating many of RKON Technologies’ products and professional service offerings, as well as building the company’s internal computing platform, which serves as the basis of the brand’s cloud and managed services portfolio.

Prior to RKON Technologies, Malizia was director of engineering at LAN Systems.

Malizia holds a bachelor’s degree in computer science and mathematics from University of Illinois and a master’s degree in telecommunications from DePaul University.

View Website
Want to dip your toe into the cloud? Challenges of a Large Migration

Want to dip your toe into the cloud? Challenges of a Large Migration

Challenges of a Large Migration Migrating to the cloud can be a daunting task. First you have to go through an exhaustive process deciding what to migrate, then you have to do plenty of scripting ...
5 Ways the Cloud and IoT Have Transformed the Transportation Industry

5 Ways the Cloud and IoT Have Transformed the Transportation Industry

IoT Transportation Industry The Internet of Things has caused many industries to evolve - but few more than transportation. Here are just a few ways it’s changed the delivery of goods. Remember when websites like ...
How Blockchain Has Unexpectedly Improved Big Data Integrity

How Blockchain Has Unexpectedly Improved Big Data Integrity

Big Data Integrity Blockchain technology was developed to improve the integrity of bitcoin. However, as bitcoin became more popular, its underlying technology is gaining more attention as well. Perhaps the most significant development in IT ...
The Cloud Debate - Private, Public, Hybrid or Multi Clouds?

The Cloud Debate – Private, Public, Hybrid or Multi Clouds?

The Cloud Debate Now that we've gotten over the hump of whether we should adopt the cloud or not, "which cloud" is now the center of the debate. It feels like that one multiple choice ...
GDPR Compliance

A Quick and Dirty Guide to GDPR Compliance

GDPR Compliance Set a reminder: On May 25, 2018, the new General Data Protection Regulation directive from the European Union will go into effect. Although its goal to protect consumer data is admirable, about a third of ...
The Lighter Side Of The Cloud - Low Tech
The Lighter Side Of The Cloud - Hydro Cancellation
The Lighter Side Of The Cloud - Car Troubles
The Lighter Side Of The Cloud - The Robo-Revolution
The Lighter Side Of The Cloud - Recovery Experts
The Lighter Side Of The Cloud - Day 5
The Lighter Side Of The Cloud - Whatever Happened To Alone Time?
The Lighter Side Of The Cloud - Autonomous Sleigh
The Lighter Side of the Cloud - Procurement

CLOUDBUZZ NEWS

Worldwide Services Revenue Posts Steady Year-Over-Year Growth in the Second Half of 2017, According to IDC

Worldwide Services Revenue Posts Steady Year-Over-Year Growth in the Second Half of 2017, According to IDC

FRAMINGHAM, Mass. May 15, 2018 – Worldwide revenues for IT Services and Business Services totaled $502 billion in the second half of 2017 (2H17), an increase of 3.6% year over year (in constant currency), according to ...
Facebook Joins FIDO Alliance Board of Directors

Facebook Joins FIDO Alliance Board of Directors

Aligns with other leading global technology, financial services and e-commerce companies in effort to reduce world’s reliance on passwords MOUNTAIN VIEW, Calif., May 15, 2018 (GLOBE NEWSWIRE) -- The FIDO Alliance announced today that Facebook has been appointed ...
SAP Customer Data Cloud Brings Trust to Personalized Marketing Campaigns

SAP Customer Data Cloud Brings Trust to Personalized Marketing Campaigns

WALLDORF — SAP SE (NYSE: SAP) today released SAP Customer Data Cloud solutions from Gigya, the industry’s only solution based on a consent-based data model. The solution helps businesses nurture trusted relationships with customers by providing them more transparency ...