At the RSA security conference in San Francisco this year, like every year, there was plenty of buzzword bingo. So Verodin’s Kurt Stammberger and Thomas Leduc took to the RSA floor armed with a video camera, microphone and disdain for buzzwords while trying to find attendees in the sea of vendors to interview and root out this year’s buzzwords that folks are sick of.
Before you purchase that nextgen-APT-machine learning-big data-insider threat-AI-Dark Net-mobile-cloud-IoT solution, ask yourself if you’re getting value out of what you already own. In our industry, the security solutions can be extensible – which is often code for complex. Complex things require tuning to perform. Tuning can be slow, problematic and resource intensive. To overcome this, you need automated security instrumentation solutions to validate use cases such as:
- Firewalls are blocking what you want them to block
- IPS solutions are catching nefarious activity
- Endpoint anti-malware solutions aren’t just detecting but protecting you from malware
- DLP is doing, well, DLP
- SIEMs are getting alerts
- Correlation rules are firing
- Incident response teams are effective
- Security processes are efficient
Without a way to validate your controls with assurance testing and understand the efficacy of your security stack for use cases like these and thousands of others – you are relegated to assuming, hoping and praying that your security solutions are actually working. Security instrumentation solutions can help:
- Determine what parts of your security posture across people, process and technology are working
- Avoid making investments in solutions that are simply not necessary
- Remove products that are redundant or simply not providing value anymore
- Provide empiric evidence to executives regarding what security investments need to be made and where
Your security posture should not be based on assumptions. It should be based on empiric evidence. That empiric evidence can be derived by validating your controls with security instrumentation solutions. You may very well discover that with some tuning, you don’t need to buy another buzzword, you may be able to prune your existing solutions thus saving money and you can be more exacting with future investments.
This article is published as part of the IDG Contributor Network. Want to Join?