How to Escape the Security Arms Race and Thrive
… building your own SOC today:
- Next-gen IDS/IPS
- Threat intel subscriptions
- SIEM platform
- Endpoint forensics and detection
- Vulnerability scanners
- Forensic tools
To this list, add staff. Anybody looking to develop DIY capabilities in-house must also understand that staffing a facility on a 24/7 basis takes a minimum of 10-12 people. Employees get sick, take holidays and sometimes resign unexpectedly, so ensuring you always have 24/7 coverage takes a lot of people.
Finding the Help You Need Is Possible
Part of the cost consideration mentioned above means also looking at what assistance a security solution or vendor offers you. Just because you don’t have the full-time, dedicated staff needed for one solution doesn’t mean you’re out of luck. There are MSPs and other security solutions that can provide the tools you need while also supplying the skilled individuals. Many MSPs have strong partnerships for SOCs, for instance. That’s far more affordable for many organizations than trying to establish a whole SOC themselves.
When it comes to finding a security solution, there’s too often a temptation to purchase something, check off the appropriate boxes and move on in a sort of “set it and forget it” approach. Companies that fall into this trap will forever be behind the eight ball. And no matter how many tools you’re using, be it 10 or 70, none of it matters if detection and response isn’t a key element.
Looking at the holistic costs is essential – how many people, and which skills are needed to run the solution you’re looking into? Will you be able to find the talent needed to run it? Is outsourcing more cost-effective? You don’t have to reinvent the wheel; there are options available that provide assistance along with a solution. Do an internal resources inventory to see if you have the tools and talent to create the security your organization needs. If not, vet those who offer such services to find the best fit.
Chris Braden is a veteran sales and channel executive. In his current role at eSentire as vice president, global channels and alliances, he is responsible for eSentire’s global channel program, overseeing strategic partner recruitment, international expansion and growth with current partners through an improved enablement program. He is a 2019 CRN Channel Chief recipient. Chris also oversees strategic partnerships with key partners Carbon Black, Sumo Logic and Cyxtera. Chris holds a bachelor’s degree from the University of Virginia and a master’s degree in business administration from George Mason University. Follow him @eSentire or @cbraden128 on Twitter or on LinkedIn.