While the amount invested into security programs differs across different organizations, the areas of investment shouldn't.
Whether it's trying to support the business, mitigating risk, or managing disruptive technologies, every organization has a common thread that drives the opportunity for security program improvement.
In this video Hadi Hosn, SecureWorks Head of Security Strategy and GRC Consulting in EMEA, gives a quick overview of three important areas of investment that are key to improving security strategy based on SecureWorks client engagements across the world.
Top 3 opportunities to improve security programs for our clients are consistent across the clients that we see. So we see one of them is investing in managed security services and threat intelligence. Organizations want to focus their resources on strategy, on innovative technology and trying to find new ways of doing business and supporting the business. They want to be able to work with partners who are carrying out the operational tasks and bringing in threat intelligence and operationalizing the security services for that organization so managed services is really one of the key investments we see nowadays.
Another investment, is an investment on the endpoint past the antivirus state. Antivirus as we said is very signature based and if we haven't seen a threat before, antivirus will not pick that up. Think about this analogy if a bank guard lets a robber in just because the police hasn't released a description of what a robbery suspect looks like, really that's not the right way to do security. The bank guard needs to be smart and needs to have an idea of what a robbery looks like and build on that behavior to try to identify that threat and try to mitigate it. And that's where investments are going nowadays with our clients. It's trying to build an analytics and a behavior engine on that endpoint.
The third investment or the third improvement to security programs is around how a client addresses the cloud and how do they address the new disruptive technologies. And this could be through workforces that are flexible. So we see organizations coming to us and asking if we have solutions to help them manage their disruptive technologies around mobile, cloud and different security operations. And we've built a center of excellence out of Romania that addresses a number of these challenges. Clients really like that proposition and they're starting to invest more into it and their security programs nowadays.