Another issue exists where companies in more rural areas, or away from technology centers, find they have a lack of a talent pool from which to hire.
TH: Everyone is equally at risk, but not everyone is equally equipped to combat the problem. SR: Are small-to-medium businesses (SMBs) more at risk for lacking cybersecurity resources or becoming overwhelmed? Or is that a misconception? For example, what is the most pressing risk to your organization? Is it protecting a database full of client information? Start there and determine what layers you can put into place that will protect that information. In most cases, breaking down the problem into risk levels and tackling the highest risk first is our most common recommendation. For others, the information is welcome, but they don’t know where to start. For some, this information isn’t necessarily welcome, particularly if they do not have the knowledge, expertise, or existing infrastructure to implement the needed changes.
Information Security practitioners are often stuck in the position of explaining the deeper risks to their business. SR: Following up with that, what issues do managed security services providers run into in trying to help enterprises improve their cybersecurity platforms? What programs do they not understand or not wish to implement, if any? In both situations, there is a lack of clear understanding of business impacts, such as an attack on their infrastructure and/or data assets. These organizations are taking an almost hands-off approach to security by relying on “we’re too small to be a target” or “we don’t deal with sensitive information” stances. Other organizations are fatigued and/or unaware of the threats their business faces. With this complexity, the ability to effectively manage the entire security landscape becomes impossible. This, then, increases the complexity of their environments. What happens is IT managers are continually implementing new solutions to address single issues, often only partially implementing new solutions. What we’re finding is that most IT managers are focused on uptime and prioritize the availability of systems, often relegating security to budget line-items. Tyler Hardison: A lot of organizations are struggling to stay ahead of the current and latest threats. Here’s our conversation, edited slightly for readability: Solutions Review: Speaking as a Managed Security Services Provider (MSSP), where do enterprises need the most cybersecurity help? Where are they faltering the most (SIEM, risk assessment, etc.)? But what does your enterprise face in cybersecurity that requires the intervention of managed security services providers ? What resources can these vendors provide? To answer these questions and more we turned to Tyler Hardison, CTO of managed security services provider Redhawk Network Security.
0 kommentar(er)
