Why enterprises need to consolidate their cybersecurity efforts [Q&A]

DevSecOps

With the COVID-19 pandemic and drive for digital transformation the shift to a new distributed workforce model continues at pace.

But this can also leave businesses vulnerable as attack vectors have become more sophisticated — resulting in a continued shortage of security experts.

We spoke to Lynne Doherty, president, worldwide field operations at Sumo Logic, to learn more about how businesses can adapt to this new normal and make more effective use of security tools.

BN: The IT landscape has changed a lot over the past two years, what challenges has this brought?

LD: I think that we’ve all seen that the pandemic drove the requirement for digital transformation much faster. I think there were a lot of people that had it as one of their priorities and really quickly it became the priority as everybody needed to find new ways to work and to work from home.

From my perspective it’s a permanent change. I think that we actually have changed our narrative from return to office to the future of work, and drawing a distinction that this isn’t about returning to offices. It’s about defining what the future of work looks like for our employees.

From a technology standpoint where a lot of our customers are today is that they had to move very quickly. In the span of a week or two weeks they had to send all of their employees to work from home and most of them were not set up to do that. So they very quickly had to make some decisions to just keep the lights on. I think there are a lot of companies out there now who are re-examining what they did and saying, “Did we make the right choices? We were in a hurry and didn’t necessarily make the best strategic decisions.” I draw the analogy that if it’s raining and your roof is leaking, you put buckets under and put some towels around, but eventually you patch up the roof and fix the leak. You have to make what is the better long term decision and I think that’s where a lot of companies are today.

BN: Is the shortage of cybersecurity skills holding back making these choices?

LD: In some ways I think, yes, it’s held back. But I also think the skills shortage accelerates it, let me explain that. With the skill shortage that exists today businesses have plugged holes with technology, but that requires different skill sets and different knowledge of tools and different access to data. So there is a move to say, “Let’s look at consolidating, let’s look at single tools, let’s look at tools that go across different groups, different divisions, different use cases, so that we can consolidate the people.” So instead of having three people who each need to know a different tool, maybe you only need one or two people if you have just one tool. Because organizations have a talent shortage, and this Great Resignation of talent, that slows them down. But it also, I think, forces them to make some strategic decisions around consolidation so that they can optimize the resources that they have.

BN: Has that changed peoples priorities in terms of what people are looking for?

LD: At Sumo Logic we do have solutions for both observability and security. I think that there’s been a real drive, from a buyer perspective, where it used to be one or the other and those groups could operate very independently and make independent decisions, what we’re now seeing is there’s a set of people who are saying I need something that can do more, both from a talent and resource perspective and also for the amount of data that needs to get stored.

As digital transformation happens there’s this concept of digital exhaustion. All of the metrics and data that is collected needs to be stored and analyzed to optimize it and make it useful. When you have five tools you need five times the data, in a lot of cases, than if you have a consolidated tool with different windows into the same data. For us that has been a driver for a lot of customers to say they want a consolidated set of tools for both observability and security, both from the talent perspective and from the data perspective for cost effectiveness.

BN: Is it a case of cutting down the number of tools to reduce the workload?

LD: I’ve seen varying reports on the average number of security tools that an enterprise has and it’s somewhere between 40 and 80. But I haven’t ever met a customer who says, “If I just had one more tool, I’d feel secure.” I think that there’s a recognition and a realization by security practitioners that they need to have shared insights and shared threat intelligence from a security standpoint across all of the different vectors that the bad actors are using. And so I think consolidation in security is and will continue to be a trend. I’ve called it the past as like the ‘whack-a-mole’, something happens and you buy a new tool to fix that. I think there are a lot of people who are now stepping back and saying that’s not a sustainable way to run a business effectively. They need single access to data and threats, and shared access so that you see a threat somewhere and you stop it across your entire network.

BN: Is this driving more towards artificial intelligence and machine learning?

LD: I think AI and ML is going to play an incredibly important role in security in the future. But again a big part of AI and ML is that it’s only effective if you have access a single view of data. Bringing the data together allows that consolidation so that you can be more intelligent about looking at it and put AI metrics and insights on top of the data. If you have disparate data sources then whatever AI or ML that you build on top of it is limited to that set of data and you’re having an incomplete view. Bringing the data together in digital transformation is about being data driven and putting AI as a differentiator to become smarter in decisions that you make and in the ROI that you have. That doesn’t work if you have disparate sources of data because you’re only getting a fractional view.

The solution is bigger than just the technology and the data. It’s about layering on top of that the people, the process, the culture; to get insights, to quantify ROI, to drive impact to change business processes for the better and to make somebody more secure with the insights that you get. But you need to marry the automation with the human side of it and the operational piece, because just inserting another tool with artificial intelligence and automation, although it certainly is valuable, it’s not the complete answer.

Image credit: mikkolem/depositphotos.com

Author: Martha Meyer