At SoftwareONE they try to select the best solutions in the security landscape. Let’s face it, the number of security vendors increases dramatically every year. We wondered how you get to the right selection, because there is so much choice and ultimately there is also enough to secure. We talked to Eric Bruseker, EMEA MultiVendor Leader Security at SoftwareONE.
SoftwareONE specializes in designing and advising on a good software portfolio. With a good security architecture applications can collaborate and integrate properly and are in the right cloud. Your organization and employees will be more productive and safer at work. An added bonus is that you can often save costs by eliminating unnecessary licenses. Although security must of course be the starting point.
Organizations need to be secured in a completely different way
It also means that you will have to secure all these modern (cloud) applications. Whereas in the past you could place everything in your own data center and put a big fence around it with security solutions, today that is impossible. Most companies have a multi-cloud strategy and use SaaS applications. Perhaps more importantly, people have gone hybrid and are no longer in the office all day.
What can you secure?
If we look at what can or perhaps should be secured, we can make quite a list. Identity, network, devices and applications. You want to develop as much consistency and cohesion in these as possible. For organizations that develop web and cloud applications, API Security and DevSecOps are a requirement. Every IT environment is unique and needs a different security approach. For example, if an organization runs on legacy Windows servers, there is often a reason for that. They can’t simply migrate to the latest version. It is then important to determine how best to secure them.
The attack surface increases every year
This is just an example of what needs to be secured. You could also zoom in even further. For example, by applying malware protection on endpoints, but also specific email security, ransomware protection or a VPN. More and more IT vendors are therefore including security in their strategy. Existing security manufacturers are also placing an increasingly broader portfolio in the market. IT, and the way we use it, is hugely diverse and cybercriminals only need a small hole in the line of defense to get in.
The ways a criminal can get into an organization are very different today than they were a few years back. That big virtual fence was ideal from a security perspective. Now everything is distributed and each device and application must be secured separately. That’s why zero-trust is on the rise. Nowadays, with almost every action or event, you need to verify that the application or device you are communicating with also has the right authentication. Context plays a big role in this. Can you expect certain actions from such an application? A smart light bulb or a printer will not communicate with an ERP system by itself. If it does, there should be immediate action.
How does SoftwareONE design security strategy for customers?
During our conversation with Bruseker, we talked extensively about the developments in the security industry and what’s going on. We also asked him what approach or solutions SoftwareONE uses for its customers. Is there a kind of standard package that every organization needs?
Bruseker states that security is a real challenge for many companies. However, customers are increasingly aware of the risks. He is experiencing more and more customers who see it not as a technical risk, but as a business risk.
“Customers no longer see cybersecurity as a technical risk, but as a business risk.”
That’s a good first step, but Bruseker also acknowledges that customers are often still in different stages of thinking. They think they need a specific solution when it makes more sense to take a step back and consider what the purpose of the desired solution is. There is no standard package or solution that works for every customer.
It is still common for customers to forget to protect certain attack surfaces. This means that more security is required than the customer had estimated. Sometimes that’s a difficult message to convey, because it can mean purchasing more security software.
However, customers often already have many security suites in use, but are not aware of all the available functionalities. Or they don’t know which solutions can work together with existing solutions within their own environment. By integrating these solutions, you strengthen the security layer. This often means that it becomes a kind of mix-and-match of suppliers to establish a good comprehensive security plan. With a good security plan, the costs can be managed better and the solution is more financially attractive for the customer than replacing everything at once.
Controlling or limiting the number of security solutions?
We also asked Bruseker how SoftwareONE ensures that customers do not have to deal with dozens of security solutions. Does SoftwareONE limit the offering towards the customer or are there other ways to keep this in check? Bruseker immediately points out that some customers have followed a “best of breed” strategy for years. By simply purchasing the solutions in a Gartner magic quadrant. This has created an IT environment with solutions that all work independently of each other. Perhaps even worse is the enormous amount of security solutions. It is very expensive to support and keep all these solutions running. Financially, but also in terms of knowledge and labor hours. That is why the advice is to consolidate as much as possible and to let solutions work together to strengthen security.
Cybersecurity Mesh Architecture
Fortunately, we have also entered a phase where consolidation is taking place and security solutions are integrating multiple disciplines into their solutions so that you can do more with the same solution. This is also known in the industry as the Cybersecurity Mesh Architecture. SoftwareONE is also working toward providing a more overarching platform.
The SoftwareONE Security Platform
In principle, SoftwareONE can deliver thousands of applications and also hundreds of cybersecurity solutions. However, then we are talking purely about licensing. As described earlier, you want to avoid a proliferation of solutions.
That is why SoftwareONE has made choices in which solutions it extensively supports itself. Which it will offer through a partner and which it can only offer a license for. Supporting everything is not feasible. For the security solutions that SoftwareONE fully supports they have the highest partner statuses, the right certifications, knowledge and expertise in-house to be able to fully advise and support their customers.
Bruseker states that the SoftwareONE platform still offers choices between different security solutions. The pre-selection makes sure that the different security solutions can also work together. This results in a better overall security for the organisations, but above all, it can maintain a better overview of the security strategy and portfolio.
You hear more and more “it’s not a question if, but when you get hacked”. In that context you see that in cybersecurity there is much more attention to response. Of course you have to keep applying security to keep the criminals out, but you also have to have an action plan in case a hacker gets access to your systems. Should a hacker get in, XDR (Extended Detection & Respone) allows you to more quickly detect anomalous behavior within your own network and even take action before any damage is actually done.
An XDR itself can already find a lot of relevant information. If you can also feed it with logs and alerts from other solutions, such as a Security Incident Event Management (SIEM) solution, it becomes much more powerful.
Ultimately, SoftwareONE wants to use its security platform to offer a total package that is modular and contains many different security solutions. So that for each customer can be determined what the best approach is and which security solutions are needed.
Would you like to know more about the SoftwareONE Security Platform?
If you want to know more about the trends in cybersecurity and how SoftwareONE anticipates the latest developments in this area, come to the Security Event on October 11 in Utrecht or on October 12 in Brussels. SoftwareONE’s Chief Security Architect Ravi Bindra will explain SoftwareONE’s vision for Vendor Consolidation and the roadmap for managed security services. Ethical Hacker Barry van Kampen will explain the importance of a good security strategy using real-life examples. In addition, speakers from Microsoft, Broadcom (Symantec), Sophos, Trend Micro, Salt Security, CrowdStrike, Trellix (McAfee), Tenable and Skyhigh Security will explain Gartner’s top trends in Cybersecurity.