There’s simply no ‘silver bullet’ that will help information technology security specialists take back ground from cyber-attackers.
That’s the opinion of Mike Lloyd, Chief Technology Officer for RedSeal, a California-based cybersecurity firm. Lloyd argues that only a strategy of integrating security products can boost protection of our systems and data from attack.
“It’s a big theme we’re picking up in the industry at the moment,” states Lloyd.
Are the bad guys winning?
RedSeal staff who took part in the IT security-focused RSA Conference in February heard plenty about integration.
“We had multiple vendors at our booth talking about how they work with our stuff — and we were in their booths talking about how we work with their stuff — and we were hardly unique in that,” he said. “It’s a really big theme, and it wasn’t there five years ago.”
Lloyd will be one of the keynote speakers at The Technology Expo, Manitoba’s premier information technology conference, to be hosted by Epic, an MTS company, at the RBC Convention Centre Winnipeg on April 26. He said the format of the expo is the perfect forum for vendors and customers to talk integration.
With shortages of trained IT security professionals, Lloyd said that companies he deals with can regularly be juggling a suite of as many as 40 or 50 major security products — with a shorthanded staff.
“The problem appears to be that we haven’t trained enough security professionals and the bad guys have been escalating their use of automation, so they’re getting an awful lot better at getting in,” said Lloyd. “We’re seeing more and more headlines about more, and bigger, breaches. The bad guys are clearly winning the war and we just haven’t got a huge talent pool to fall back on.”
Integration is the new approach
With personnel shortages, security has to focus more on integrating systems, Lloyd said.
“In light of the short staffing, what I’ve found in recent years is that security teams have bought a lot of technology because they need it,” said Lloyd. “Another technology comes along and it fixes the ‘threat of the quarter.’ Very quickly you end up with about 20 different technologies. Then you have to manage that with a team of eight people, if you’re lucky.
“You can’t expect your eight people to be experts in 20 technologies. You have to get these things to work together because you can’t keep up with that many different, complex products. Everybody is facing this pressure.”
That’s where the value of a forum like The Technology Expo comes in, Lloyd said.
“It’s about pushing the vendors of your 20 different technologies to build integrations with one another,” said Lloyd. “I’m one of those vendors.
“I think as an industry, in the last year or so, we’ve been responding very, very well when customers have come and pushed us so our technologies have to integrate together. I welcome that and I want to encourage people at the Epic Technology Expo to use their buying power to influence vendors to do more integration, because it’s in all of our interests.”
Humans at the reins
But it’s not all about automation, Lloyd said. Human professionals ultimately have to be at the reins of any security strategy.
“You can automate 99 per cent of the work if you can make it flow from one technology to another, but you still need a human finger on the trigger,” said Lloyd. “You still need humans to play the security game at the highest level.
“The key thing is you have to integrate all these things together so you don’t take your highly skilled, precious people with limited time and have them go drill into product No. 7 and come out of there with some insight, then go into product No. 19 and drill into that. You want all these things to work together.”
Lloyd stressed the importance of evolving our approach to security.
“I want to emphatically underline the point that customers have the power here,” Lloyd said. “This is what’s happening now with security — it wasn’t happening five years ago and certainly wasn’t happening 10 years ago. It used to be that every vendor would just say, ‘Look, I’m the king of the field, I’m the best of breed, you just need to buy my technology and all your worries in this area are done.’
“I think it’s very healthy and it’s the only way we’re going to be able to get back something like parity (with cyber-attackers), because right now I think it’s pretty clear we’re losing — way too many breaches are working and I think a big piece of it is because our technologies and defences don’t work together well enough.”
Sharing info a must
It’s events like the Epic Technology Expo that help facilitate changes in everyone’s approach to security.
“The thing that really motivates two vendors — two private, profit-making entities — to work together is a clear customer-use case,” Lloyd said. “How we find those cases is exactly at an event like this. It’s the best place to get all the practitioners out of their chairs and talking to each other about their favourite use cases.”