Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Three Questions You Should Ask Security Vendors

It’s time for RSA Conference again. That annual gathering of enterprise security professionals, technology manufacturers and solution providers, and partygoers, where you will find some of the brightest minds in the industry and the newest and most innovative companies with the goal of helping you better secure your enterprise.

It’s time for RSA Conference again. That annual gathering of enterprise security professionals, technology manufacturers and solution providers, and partygoers, where you will find some of the brightest minds in the industry and the newest and most innovative companies with the goal of helping you better secure your enterprise.

The trouble is – how do you know what technologies, products and services will address your needs? Lately, I have written a lot about fundamentals and even dedicated podcast episodes of late to the cause. Some people have taken notice because we’re having discussions about fundamentals and there is renewed focus here.

With that in mind, here is my list of the top three questions you should ask as a customer of the security industry. As a potential buyer and consumer of security technologies, I believe these are reasonable things to ask, not just at RSA Conference but any time you’re approached with a new technology, product or service.

What to Ask Security Vendors1. What business problem does this solve?

So many of the technologies, services and solutions on the show floor of RSA Conference are great ideas. Many of them are potentially great solutions – but are they right for you, right now? More importantly, do these solutions address a problem that requires your attention now because it is at the top of your list? In the past I’ve worked for CISOs who made purchases, based on recommendations of my peers, that solved a problem so far down the needs scale it worried me. Sure it’s great, but what good does it do if it’s a distraction from more important things (like those pesky fundamentals) or is it isn’t going to get the proper attention right now? Let’s focus on solving problems at the top of the business-risk-priority stack, and getting this right before we chase cool solutions.

2. Do I have the resources to plan, design, implement and operationalize?

Security tools and solutions should work to remove burden from your existing resources. A tool that requires more of your people’s precious time but doesn’t offer any measurable payback elsewhere is of little use. The industry has seen inadequately planned, designed, and implemented solutions struggle here. Not to pick on SIEM, but this is one of those common tools that cases where the expectations mismatch the product’s capabilities. It’s a fantastic idea – to centralize your logging, collection and correlation and alerting – unless you forget the operational human power and processes that are required. You’ll need someone to tune it, operate it, and respond when it fires alerts. If you don’t have those resources today, and you aren’t budgeting for the appropriate additions for your purchase cycle – think it through as part of the overall evaluation.

3. What task does this automate that my existing tools cannot do?

It turns out that many of the things you want to buy, your existing tools already do. Shocking. This isn’t new or revolutionary, but what you should ask yourself and your provider is this – does my existing toolset perform at least 80 percent of the functions this new tool includes? That percentages number is a sliding scale based on your budgetary capabilities and your critical need for those features which don’t overlap. I’ve seen far too many tools that overlap entirely too much with existing solutions but that organization purchase anyway for either political reasons or simply lack of knowledge.

Advertisement. Scroll to continue reading.

If you are at RSA Conference this week, I hope these tips help make sure experience more productive and enable you to choose the right solutions for your organization. Enjoy the show!

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet