• United States



Chief Product Officer

The New Reality is Virtual for Security Operations Centers

Aug 31, 20176 mins

Ergonomic chairs and healthy snacks used to help take the sting out of 9-to-5 work days, but employees expect more today – and organizations are keen to oblige. In fact, a study by Deloitte University Press reveals nearly 80% of executives think the employee experience is very important (42%) or important (38%). Giving employees the chance to work with cutting-edge technology is one way to engage, challenge, and keep employees engaged.

Virtual Reality (VR) has moved from the realm of gamers and into different organizations to help differentiate the employee experience while also improving productivity and employee retention. VR benefits users by making them feel present within their work. It provides an immersive experience that establishes a closer, more intimate relationship between the user and information, enabling better, faster, and more informed decisions.

A growing list of organizations believe VR has a place is the future of work, and offer training and education programs using VR technology. UPS plans to use VR for driver safety training. Walmart Academy uses VR to train employees about store operations, and how to provide better customer service. Even surgical residents use VR to learn about organs by putting themselves inside virtual representations of hearts or lungs, and to perform delicate, cutting-edge brain surgery.

Security is equally ripe for the kinds of change VR can offer. It can provide differentiated, exciting experiences designed to make life in the SOC more enjoyable, analysts more productive, and talent easier to attract and to retain.

Move Beyond Pie Charts

The aesthetics of security user interfaces (UI) haven’t changed much over the last two decades. They have been dominated by multicolor bar graphs and pie charts, and supported by text that doesn’t easily provide context for what the user is seeing. There are two reasons why this old dynamic is problematic.

First, static UI designs cause user frustration which leads to fatigue, boredom, or worse, burn-out. VR creates an exciting, game-like experience where analysts can see threats to their organization’s technology assets and their environment in a unique, three-dimensional virtual workspace. It helps dissolve the space between information and visualization, bringing analysts closer to information so they can develop a more engaging relationship with their network.

Second, forcing analysts to work in a two-dimensional world doesn’t enable them to be as productive as they could be. Our stereoscopic vision allows us to sense depth and density which can be unique characteristics when applied to UI design in VR. Instead of interpreting changes in network security conditions based on charts or numbers and percentages, analysts can use VR to see and relate to those changes more intuitively when represented as three-dimensional objects.

Just as a person becomes more familiar with a new neighborhood by walking through it a few times, these objects will become familiar over time, they gain a new kind of situational awareness. By recognizing shifts in an object’s color, size, or shape, and depending on the conditions they observe, analysts have an innate sense for what requires action and can manipulate objects quickly to mitigate threats or to perform deeper forensic investigations.

Master Massive Data Sets

As networks grow, become globally distributed, and include more than just traditional on-premises networks like the public cloud and industrial environments, the products security analysts rely on to keep them safe will generate exponentially scaling amounts of data. In fact, analysts typically have so much raw data to analyze manually that it can take weeks or even months to surface anomalies, and is likely why the average attack isn’t detected for between 100 and 191 days – well after it’s already happened.

Further complicating investigations, most security analysts have relied on in the past is managed largely through log files containing timestamps and strings of text. While logs are easy to collect, making them the default source for information, they’re not easy to use for investigative purposes. Analysts can search those files, and they can correlate the information between them, but doing so isn’t easy or scalable. It’s time consuming, it’s fraught with the potential for errors, and importantly, it’s not visual.

Using VR, analysts can become immersed in massive data sets, instead of becoming overwhelmed by logs generated by multiple, disparate security products. Coupled with the unlimited capacity and compute of the cloud, data – including full-fidelity PCAPs – can be collected, correlated, and visualized in a more intuitive way that reduces the time it takes to work through detection-triage-resolution workflows. On premises security products simply aren’t capable of storing that volume of data, and they certainly don’t have the computing power to analyze any of it either.

Satisfy Tomorrow’s Analysts

When it comes to the staff needed to support a successful security program, it’s no surprise that experienced talent is hard to find. In fact, by 2019 the global shortage of cybersecurity professionals is expected to reach 2 million. With threats rapidly multiplying in volume and severity, that means incident responders and threat hunters have to work extra hard just to keep up. Their jobs also require specialized skillsets that are often developed on the job, which makes the talent you have today particularly valuable, especially when it takes up to six months to replace anyone you lose.

Providing VR experiences can give you a leg up on the fierce competition for these hard-to-find experts. Not only is the technology cool and different, it actually has a practical business use case that makes threat hunting and response more efficient for your team and more enjoyable for the analyst.

Consider that almost three quarters of people aged 2-20 have video game consoles in their homes. While you might think the Millennial generation is the one to worry about, Generation Z is starting to enter the workforce, and it will expect gamification of work as the norm, not an exception. Cool visualizations and immersive experiences will more or less be required to keep this new generation of security professionals engaged.

But these VR experiences aren’t just exciting because they’re cutting edge, they’re also important because they provide analysts with better situational awareness, which helps improve your organization’s overall security posture. If analysts can scan a visualization quickly and know right away what’s going on in their environment, they are better prepared to stop threats or to mitigate their effects on the business.

More Than a Pretty Face

Virtual reality isn’t just a gimmick, and it’s not just putting window dressing on an otherwise ugly interface. It offers a revolutionary new way to manage security, an industry that’s well overdue for a facelift. Offering VR interfaces to your security staff goes beyond providing cool new experiences, it helps improve employee satisfaction, keeps your team focused and more productive, and attracts the talent you need to keep your business safe.

Chief Product Officer

A proven leader in the security industry, Ramon is responsible for product strategy, development and market delivery. Prior to ProtectWise, he was Vice President, Web Protection at McAfee. With a track record of creating category-leading security products and companies, he has held executive product and business development positions at Proofpoint, Websense and Symantec. He serves as a board member for Abusix, Inc., a network abuse and threat intelligence company and Identity Finder LLC, a sensitive data management solutions provider. Ramon holds a M.B.A. in Finance & Entrepreneurial Management from The Wharton School and a B.A. in World Politics and Spanish from Hamilton College.