The information security marketplace shift
In this podcast recorded at RSA Conference 2017, Garry Sidaway, SVP of Security Strategy & Alliances for NTT Security, talks about the shift in the marketplace, and how effective security controls enable the increasingly connected world and digital economy to overcome constantly changing security challenges.
Here’s a transcript of the podcast for your convenience.
I’m Garry Sidaway, SVP of Security Strategy & Alliances for NTT Security. Today I’m going to talk to you, really, about the shift in the marketplace, the shift from what was traditional managed security services with managing devices and alerting.
Our client base require much more business focus now. Looking at how they interact with the business and the business reporting that comes out of a managed service, that shift is also shifting towards managed detection and response rather than just simply detecting and sending an email or picking up the phone.
They actually want to partner with us and build those business processes into their business so they can actually take action, and proactive action against the threats that they’re facing. It’s definitely a shift in the service focus away from that device management and the sort of uptime that was prevalent in the traditional managed decoding services. It’s a shift, and a shift away from what we’re seeing in the market now, increasing cyber threats. They want to be able to proactively look at those threats, put into controls and measures around that, and protect themselves ahead of those threats impacting their business.
That means we’ve invested huge sums of money in terms of R&D into machine learning and advanced analytics. And that’s, really, to make the focus of our experts much more efficient. So how do we make our clever people more efficient in how they determine there’s a threat against a business? How do they put that threat into the context of that business, as well? So putting those risks in context for the business is very important, certainly for our clients.
They need to understand what that impact is, they need to understand what controls and measures they want to put in place to proactively protect themselves, but also in that context of their business. So, do they need to put people in over the weekend because it’s a serious threat to their production or is it something that they can take a little bit more time, and analyze it in a bit more detail?
That’s, again, the shift from the reporting into a much more business aligned. They don’t want to know that it’s a vulnerability on a system and it’s a critical vulnerability, they actually want to understand it’s a vulnerability against their production system; and if they don’t fix that, that production system is going to cost them x millions of dollars, because they can’t produce the component. That’s the shift that we’re seeing within our marketplace. And that’s the shifting that we’re seeing in terms of our managed security services.
We’re also shifting away from proactively. So how do we use threat intelligence much more efficiently? And then, how do we actually embed that into the services that we’re actually delivering to our clients. So the focus for NTT Security is on those analytics. How do we ensure that the wealth of information that we’re getting is actually information rather than just data noise? Turning that into actionable intelligence, turning that into proactive controls and measures to protect those organizations ahead of time.