I suppose it’s no surprise that the CTO of a large security vendor is calling for consolidation of the market. I’ve heard a different story from customers who perceive innovation as coming from startups and look to the bigger players to provide operational excellence. In the cloud space we now talk about hybrid models of some in-house and some public cloud. In infosec we need a similar mix of big boys and nimble startups..:
Zulfikar Ramzan predicted the future of cybersecurity, drivers shaping it, and how enterprise IT should react in his InteropITX 2018 keynote.
But how to address the risks? Ramzan warned of the danger in adopting a “no vendor left behind” policy when shopping for security tools. The industry “is effectively a hot mess,” he said. With some 2,000 vendors in the security space, there is a need to consolidate and innovate. IT pros should figure out which vendors provide the most value, and focus on them.
He closed out his keynote by explaining how to react when security incidents occur. “Plan for the chaos you can’t control,” he noted, pointing to the “ABCs” of incident response planning.
The first: Availability. When forming an incident response plan, you should only use resources that are already available to your organization. “An incident response plan isn’t a wish list,” said Ramzan. “Don’t put empty fire extinguishers in every hallway.”
Budget is second. Security breaches come with unexpected costs, he noted. You may need legal help, for example, and if you don’t have an in-house team you’ll need to hire an outside law firm. “Response plans must have budget authority,” said Ramzan. Without them, “effectively, it’s just a fairy tale.”
The final factor is Collaboration. During an incident, most areas of an organization can inevitably get involved. Security teams will be identifying the root cause of the attack while the IT team patches infrastructure and quarantines networks. If customers were affected then the sales team will be involved; if sales is involved, then the marketing team may be involved also.
Success in cybersecurity will depend on enterprise ability to gauge the risks that lie ahead, he concluded. “Adapt quickly and adopt technology in a way that fosters and fuels innovation.”