The organizations I work with are undergoing a major shift in how they think about security tools. For the past decade, many CISOs and CIOs have voiced a familiar refrain: “We want to use best-of-breed security solutions.” Conventional wisdom said that the best way to reduce risk was to use the absolute best product in each security solution category. It was quite common for a single customer to run firewalls, intrusion prevention systems, endpoint protection technology, security information and event management (SIEM) tools, and mobile device management solutions, all from different vendors.
I’m hearing a different story these days. The proliferation of tools is leading to a staffing crisis. The cybersecurity job market is incredibly tight, and organizations simply can’t find qualified staff to fill all of their open positions. This is compounded in situations where an organization runs five different security products and tries to find someone experienced in each of them. Product diversity also creates training issues for existing staff, who must remain current on a large set of constantly changing products.
Today’s CISO no longer embraces the best-of-breed approach to security technology and, instead, wants to achieve a “single-pane-of-glass” management approach. With this approach, security teams can use just one console to monitor and manage all of their security products. Se curity orchestration products make this possible by combining management capabilities for a wide array of security products in a single console. In addition to improving the organization’s ability to manage its security infrastructure, orchestration solutions reduce training requirements, make it easier to fill open positions and reduce the need for dedicated cybersecurity staff.
Orchestration in the Real World
I’ve seen orchestration solutions pay dividends for a wide range of organizations. I recently worked with the IT director at a midsized manufacturer on the West Coast with 200 employees, only five of whom are dedicated to IT support. He told me that he knew the firm didn’t devote enough time to security, but he didn’t have the funding to hire another staff member, and his existing team was already stretched too thin supporting other technology initiatives.
We worked with him to deploy McAfee’s ePolicy Orchestrator (ePO) as a cloud-based orchestration solution. I love recommending ePO to midsized businesses, in particular, because McAfee does a great job of playing well with security technologies from other vendors. While McAfee does offer its own very strong security products, it simply wasn’t in the cards for my customer to rip out his existing security infrastructure and replace it with products from a single vendor. The ePO solution made it possible for the IT director to manage everything he had on site from a single console.
The end result? The leadership at the manufacturing company was thrilled. They had previously dedicated an entire IT staff member to maintain the hardware associated with their SIEM solution. Moving this to the cloud freed up that engineer’s time for other work. He’s now able to spend his time focusing on initiatives that contribute directly to the business.
This blog post brought to you by: