Richard Kirk, Senior VP, AlienVault, discusses the need for visibility and detection for companies of all sizes.
When I’m talking to customers, people often ask me: What do I think are the most significant IT challenges that people and companies face today? And I can’t honestly say that there is on in particular, but what I would say is that if any of you have ever been to an IT security show, you probably will be completely confused by the hundreds and hundreds of companies that are there. And yet why is it that we continue to suffer from so many breaches? And I think that the real challenge that we have is not that we don’t have effective security protection – the real problem is we don’t have visibility and detection. We can have all the protection that we want in the world, but if we can’t actually see what’s going on inside our systems, our applications, and our networks, then frankly speaking, a lot of the protection is not really worth much, because we don’t know what’s going on.
The answer isn’t buying more technology, because frankly, there’s more than enough technology, security technology that is, in the market today for everybody. So that’s clearly not the answer. The answer is more about how you actually use it, and what you do with it, and how you organize your own company, because people often say that if you don’t have the processes in place to be able to react to security issues, then it probably wasn’t even worth knowing that they were there. So you have to be aware of what’s going on, but more importantly you have to have processes in place. Now, a big trend that I see happening right now is that… it used to be that only the very large companies could afford serious security, but that, frankly, is changing, and I think that there has to be a very big shift towards helping what we would refer as the mid-market. In other words, large companies, but companies that don’t have budgets and people to be able to take on a very big security project, but nevertheless still have a problem.