https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Master Agents
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity & Inclusion
  • MSSP Insider
  • MSP 501
    • Back
    • Apply Now
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • Videos
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
    • Channel Educational Series
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
    • Channel Convergence
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Content Resources
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • Excellence in Digital Services
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Master Agents
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity & Inclusion
  • MSSP Insider
  • MSP 501
    • Back
    • Apply Now
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • Videos
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
    • Channel Educational Series
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
    • Channel Convergence
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Content Resources
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • Excellence in Digital Services
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Cybersecurity

Security Roundup: Exabeam, WatchGuard, eSentire, WhiteHat

  • Written by Edward Gately
  • September 15, 2018
Issues facing SOC professionals include too many alerts, a shortage of talent and a lack of technology.

With the cyber threat landscape changing so rapidly, it’s tough to stay ahead of the bad guys, and it’s even tougher if you don’t have enough firepower in your arsenal.

At this week’s Exabeam Spotlight 2018 conference, its inaugural user conference, Steve Moore, chief security strategist, spoke with us about the latest issues facing security operations centers (SOCs), the changing definition of insider threat, and if there’s any light at the end of the tunnel in terms of winning the cybersecurity war.

Moore spent the last two-and-a-half years building health care provider Anthem’s cybersecurity program post-breach. He also wrote Exabeam’s recent State of the SOC report.

In terms of insider threats, the definition has expanded beyond someone who works for you and means you harm, Moore said.

“The insider threat is, to me, somebody who means you harm or someone who is also compromised and is ignorant to that fact,” he said. “So Steve Moore means you no harm, but my credentials are stolen or I have malware on my machine, and now my electronic self is zipping about and being party to a potential breach. So the issue is that most organizations don’t understand internal attribution, so most are ignorant to the fact that if they have a compromised person who as a human soul means them no harm, but as an electronic entity that’s been compromised, that is a issue. You’re almost having to reteach … if there [are] innocent people involved.”

Exabeam's Steve Moore

Exabeam’s Steve Moore

For his report, Moore spoke with SOC professionals across CISO, CIO, analyst and management roles, and found three key issues: too many alerts, a shortage of talent and a lack of technology.

“They have alert fatigue, which is not only overwhelming them, but causing them to miss what is important,” he said. “Fatigue leads to lack of prioritization, which is just sort of this muddled mess, which then leads to never really running down one thing completely. You’re just sort of halfway done with lots of things.”

And beyond the talent shortage, many respondents said the people they work with aren’t qualified enough, “so it’s not the fact that there’s an empty seat, but I’m in that seat and I’m not good enough to do the job,” Moore said.

“The next is technical debt … so the technology that we have is aged to the point where it is ineffective,” he said. “So we have this perfect storm that has arrived on our doorstep of too many alerts, not enough people, not enough qualified people, and we’re doing it with old tech. I can’t think of something that’s much worse.”

Moore’s advice: Do fewer things better. Pay attention to fewer alerts and identity current tech deficiencies, he said.

“And I’m going to tell all the executives this because right now, the state we’re in, we’re ineffective right out of the gate,” he said. “We’re garbage right now and we’re OK with it. We’re going to continue for a period of time being garbage, but out of that we’re going to do a few things very well. We need to work on prioritizing our work, prioritizing on the events and the triaging better, and then we’re going to collapse the time it takes us to perform those tasks.”

Also, the most senior people are going to “stop being nerds and they’re going to start being mentors,” Moore said.

“So we’re going to take the people we have who aren’t up to snuff and we’re going to train them up and we’re going to do that by …

  • Page 1
  • Page 2
  • Page 3
  • Page 4
Tags: Agents Analytics Cloud Mobility & Wireless New Products & Services Security

Related


  • Fusion Connect's Rick Ribas
    Channel People on the Move: 8x8, TBI, Telarus, Microsoft, IBM, More
    Now featuring big new hires and promotions in the telecom and IT channels.
  • Word innovation with power button
    Exclusive: As AWS Turns 15, Doug Yeum Predicts Even More Innovation
    The head of channel talks milestones, what’s coming, telecom agents and working with new CEO Adam Selipsky.
  • Women's hands joined together
    Female Founders, Investors Propel Spekit's Disruptive Technology
    The company’s in-app training platform is redefining how employees learn and retain knowledge in the workplace.
  • Secure Web Gateway Remote Worker
    Comcast Business Enhances Security, Taps Palo Alto for SASE VNF
    Comcast expanded its ActiveCore SDN platform with a new VNF.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Talkdesk, InContact Vet to Lead Observe.AI Partners as Head of Channel
  • Watch Out Cisco, RingCentral, 8x8: Intermedia Going Public
  • RingCentral Buying Kindite for Enhanced Security Capabilities
  • Coffee with Craig and James Episode No. 91: MSP 501, SAP Channel Chief

Galleries

View all

10 Ways to Keep Customers Safe with Threat Protection by Year’s End

April 9, 2021

Industry Perspectives

View all

Why Every MSP Should Consider TCO When Selecting a BCDR Solution

April 9, 2021

6 Ways to Ready Your Customers for 5G Security Challenges

April 5, 2021

Endpoint Security Is Huge in the Merging New World of Work

April 2, 2021

Webinars

View all

Top 3 Intel Security Technologies To Help Against Advanced Cybercrime Attacks

April 15, 2021

What to Look For: 2021 Threat Report

April 22, 2021

Health Care and SD-WAN: A Seller’s Guide

April 27, 2021

White Papers

View all

Top Tips: How Resellers Can Leverage Rackspace to Enhance Customer’s Cyber Security Protection with Microsoft 365 Security

March 30, 2021

Top Tips: Optimize Your Microsoft 365 Investment with Rackspace Technology

March 30, 2021

The Smart Approach to Cloud Workload Placement Decisions

March 19, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

MSP Summit

November 1, 2021 - November 2, 2021

Channel Evolution Europe

November 30, 2021 - December 1, 2021

Videos and Fastchats

View all

FASTCHAT: How Fortinet Reduces Complexity Through Networking, Security

Strong Customer Experience Needs Strong Partner Experience

December 22, 2020

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

2021 Excellence in Digital Services Awards App Open

December 9, 2020

Twitter

ChannelFutures

"Who could ask for more?? These guys bring an awesome energy and always highlight the need-to-know of the channel..… twitter.com/i/web/status/1…

April 10, 2021
ChannelFutures

Anti-Asian racism, and racism and discrimination of all forms, have zero place in our society. #StopAsianHate and t… twitter.com/i/web/status/1…

April 9, 2021
ChannelFutures

MSSP @inc_renaissance promotes Trish Kapos to channel chief. #cybersecurity dlvr.it/RxLQ6g https://t.co/oWCdHeRqIW

April 9, 2021
ChannelFutures

.@GetSpectrum ordered to pay @Windstream more than $19 million for deceptive mailer. #lawsuit… twitter.com/i/web/status/1…

April 9, 2021
ChannelFutures

.@Percona says channel can help with #opensource solutions and #databases for everything from aspirational to must-… twitter.com/i/web/status/1…

April 9, 2021
ChannelFutures

Our latest #Cybersecurity Roundup features @HuntressLabs on @Microsoft Exchange exploitation, @ptsecurity,… twitter.com/i/web/status/1…

April 9, 2021
ChannelFutures

.@SemperisTech unveils first branded partner program. #cybersecurity dlvr.it/RxH4Bq https://t.co/TVjG8xhGNv

April 8, 2021
ChannelFutures

.@PerchSecurity announces its 2021 MSP Threat Report, calling on MSPs to build a mature cybersecurity practice.… twitter.com/i/web/status/1…

April 8, 2021

MSSP Insider

Business advice for MSSPs and news from the broader security channel.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X