While the amount invested into security programmes differs across different organisations, the areas of investment shouldn't.
Whether it's trying to support the business, mitigating risk, or managing disruptive technologies, every organisation has a common thread that drives the opportunity for security programme improvement.
In this video Hadi Hosn, SecureWorks Head of Security Strategy and GRC Consulting in EMEA, gives a quick overview of three important areas of investment that are key to improving security strategy based on SecureWorks client engagements across the world.
Top 3 opportunities to improve security programmes for our clients are consistent across the clients that we see. So we see one of them is investing in managed security services and threat intelligence. Organisations want to focus their resources on strategy, on innovative technology and trying to find new ways of doing business and supporting the business. They want to be able to work with partners who are carrying out the operational tasks and bringing in threat intelligence and operationalising the security services for that organisation so managed services is really one of the key investments we see nowadays.
Another investment, is an investment on the endpoint past the antivirus state. Antivirus as we said is very signature based and if we haven't seen a threat before, antivirus will not pick that up. Think about this analogy if a bank guard lets a robber in just because the police hasn't released a description of what a robbery suspect looks like, really that's not the right way to do security. The bank guard needs to be smart and needs to have an idea of what a robbery looks like and build on that behavior to try to identify that threat and try to mitigate it. And that's where investments are going nowadays with our clients. It's trying to build an analytics and a behavior engine on that endpoint.
The third investment or the third improvement to security programmes is around how a client addresses the cloud and how do they address the new disruptive technologies. And this could be through workforces that are flexible. So we see organisations coming to us and asking if we have solutions to help them manage their disruptive technologies around mobile, cloud and different security operations. And we've built a center of excellence out of Romania that addresses a number of these challenges. Clients really like that proposition and they're starting to invest more into it and their security programmes nowadays.