Three Questions You Should Ask Security Vendors

It’s time for RSA Conference again. That annual gathering of enterprise security professionals, technology manufacturers and solution providers, and partygoers, where you will find some of the brightest minds in the industry and the newest and most innovative companies with the goal of helping you better secure your enterprise.

The trouble is – how do you know which technologies, products and services will address your needs? Lately, I have written a lot about fundamentals and even dedicated podcast episodes to the cause. Some people have taken notice because we’re having discussions about fundamentals and there is renewed focus here.

With that in mind, here is my list of the top three questions you should ask as a customer of the security industry. As a potential buyer and consumer of security technologies, I believe these are reasonable things to ask, not just at RSA Conference but any time you’re approached with a new technology, product or service.

1. What business problem does this solve?

So many of the technologies, services and solutions on the show floor of RSA Conference are great ideas. Many of them are potentially great solutions – but are they right for you, right now? More importantly, do these solutions address a problem that requires your attention now because it is at the top of your list? In the past I’ve worked for CISOs who made purchases, based on recommendations of my peers, that solved a problem so far down the needs scale it worried me. Sure, it’s great, but what good does it do if it’s a distraction from more important things (like those pesky fundamentals) or if it isn’t going to get the proper attention right now? Let’s focus on solving problems at the top of the business-risk-priority stack, and getting this right before we chase cool solutions.

2. Do I have the resources to plan, design, implement and operationalize?

Security tools and solutions should work to remove burden from your existing resources. A tool that requires more of your people’s precious time but doesn’t offer any measurable payback elsewhere is of little use. The industry has seen inadequately planned, designed, and implemented solutions struggle here. Not to pick on SIEM, but this is one of those common cases where the expectations mismatch the product’s capabilities. It’s a fantastic idea – to centralize your logging, collection, correlation and alerting – unless you forget the operational human power and processes that are required. You’ll need someone to tune it, operate it, and respond when it fires alerts. If you don’t have those resources today, and you aren’t budgeting for the appropriate additions for your purchase cycle – think it through as part of the overall evaluation.

3. What task does this automate that my existing tools cannot do?

It turns out that many of the things you want to buy, your existing tools already do. Shocking. This isn’t new or revolutionary, but what you should ask yourself and your provider is this – does my existing toolset perform at least 80 percent of the functions this new tool includes? That percentage is a sliding scale based on your budgetary capabilities and your critical need for those features which don’t overlap. I’ve seen far too many tools that overlap entirely too much with existing solutions but that organizations purchase anyway, either for political reasons or simply for lack of knowledge.

If you are at RSA Conference this week, I hope these tips help make your experience more productive and enable you to choose the right solutions for your organization. Enjoy the show!
