Page 41 - index
P. 41
- (.31% 41 321.30#)-' .30 7"%01%#30)27 5)2(.32 2(%
!/)2!+ -4%12,%-2
by Patrick Hayes, Managing Director, Seccuris Inc.
Hackers and criminals breach organizations by taking advantage of vulnerabilities within
networks. Attackers are like water: they pour over every inch of your enterprise network until
they find a leak. Then they break in, causing irreparable damage to your bottom line and
reputation. Over the past decade, the level of attacks, breaches and potential dangers to vital
data/information security have escalated to the point where organizations in every industry are
taking measures to ensure their assets and technical infrastructures are safeguarded.
A key part of that protection is knowing where your environment is vulnerable and the type of
risks that may threaten it. While there are several threat and vulnerability monitoring options
available, including Security Information and Event Management (SIEM) products, which have
been gaining popularity, the key is determining which option is the most effective for your
organization. No matter which solution you choose, in most cases, it will cost you a considerable
amount of time, money and effort to install, develop and maintain both the technology and
personnel necessary to monitor your environment 24 hours a day. But there are more efficient
and cost-effective alternative solutions available.
Rather than installing an in-house monitoring system, such as a SIEM, consider outsourcing the
responsibilities to a proven Managed Security Services Provider (MSSP) that will observe and
preserve critical data on your behalf. In order to determine whether building in-house or using
an MSSP is the right choice for your organization, there are several factors to consider. The
most significant are the rising costs and lack of qualified resources necessary to get the SIEM
platform up and running, not just racked and taking in feeds. You also need to consider
personnel expertise and training, as well as technology, infrastructure, and accountability.
Dedicated Security Professionals vs. In-House Staff
While your staff may work during normal business hours, hackers and criminals don’t. They can
attack at any moment of the day or night. So your network needs to be protected 24 hours a
day. However, in most cases, organizations with an in-house security service are only able to
dedicate staff part-time due to cost constraints, or simply because there isn’t enough perceived
responsibilities to justify adding additional personnel to monitor the service full time. As a result,
it’s difficult to expect an in-house team to develop the same expertise as Information Security
Analysts (ISA) employed by MSSPs.
MSSP analysts not only work exclusively in the area of information security, but they can also
bring a broad, cross-industry perspective to the service. Typically, since MSSP analysts
possess years of experience providing information security to multiple clients, they’ve developed
! " $
! # ! "
