Evaluate your SIEM
Get the guideComplete visibility for DevSecOps
Reduce downtime and move from reactive to proactive monitoring.
October 9, 2024
Back to blog results
It wasn’t too many years ago that only large-scale organizations and enterprises were compelled to worry about cybersecurity. They were the primary targets for malicious actors, and so they seemed to be the only ones thinking about defense. But just like most things, that has completely changed.
Small and medium-sized businesses are just as vulnerable to cyberattacks. Without the size and resources to bring security in-house, most turn to managed security service providers (MSSPs) for help. In fact, plenty of large-scale organizations and enterprises also use MSSPs to augment and expand their internal teams.
As a result, the service provider market has rapidly expanded–more like exploded–in recent years. These service providers are often faced with a lot of too-good-to-be-true vendor marketing.
I’ve encountered a lot of skepticism in meetings with Sumo Logic’s service provider partners who have to balance the need for new technology and the need for solid, reliable solutions. While this is a challenge faced by all purchasers of technology, the risk of investing in the wrong solution is compounded for security service providers.
Operationalizing, hiring, and mastering technology isn’t something that can be done with the stroke of a pen from procurement. The investment and risk that is accepted when providers decide to adopt new, critical technology is serious, and shouldn’t be taken lightly.
My perspective on the topic of oversaturation and general technology fluff might be surprising, considering my role as Field CTO for Partners at Sumo Logic. I advise all partners to embrace skepticism. It’s vital to understand what outcomes and value a technology investment can do for your organization. Don’t get caught up in the latest shiny widget because that is what is covering your LinkedIn feed.
Platform v. best of the best
“Oh wow! That platform that was just announced by that huge corporation can solve all of ours and our customer’s needs in one place”, said no one who has ever been in charge of diversifying critical services or infrastructure. As budgets squeeze and vendor technologies expand organically or through large-scale mergers and acquisitions, we increasingly see a push toward consolidating critical systems with a single vendor.
While some amount of tool consolidation is good, and necessary, don't fall for the soup to nuts marketing that you are hearing from security vendors. Diversity of data, technology, location, and pathways should always be the priority. This is not an advertisement for Sumo Logic, either. While I feel Sumo Logic is the best solution for service providers, it is naive to think that it is the answer for everyone. Stay skeptical when evaluating the technology that is going to be critical to advancing your mission.
It will always be up to you, the service provider, to thread that needle and determine how consolidated you can get without relying too heavily on a single vendor. You’ll want efficiency AND the best possible tools for the job. Here are some questions you can ask yourself during an evaluation:
What is the impact to my business if this solution has significant downtime?
Can this solution be used to improve my business in other areas or with other business units?
What is the primary use case of this solution, and how critical is it to my business?
Can I use this solution to improve my KPIs without compromising employee satisfaction?
Am I only evaluating this solution because it has been offered at a ridiculously reduced rate?
Will entrenching my business into a single vendor set me up for increased costs in the future?
Last, but not least..
Will this decision introduce an unacceptable amount of risk to my business/mission?
This question cuts through the noise, and ensures that an expensive investment is being made with the right mindset. Service providers bear a heavy responsibility, managing critical infrastructure and security activites for a wide range of organizations. Your obligation is to ensure you are protecting your customers and reducing their risks by aligning their critical systems with you.
With so much noise and information overload in the market, it’s imperative that you continually return to this simple (and oh-so-complicated) question: Will this decision introduce an unacceptable amount of risk into my business/mission?
Learn more about how to evaluate your security solution.
Categories
Sumo Logic cloud-native SaaS analytics
Build, run, and secure modern applications and cloud infrastructures.
Start free trial
Seth Williams
Field CTO - Partners
Seth Williams is the Field CTO - Partners at Sumo Logic with 18 years of experience in cybersecurity, information systems and technology. He is based out of West Virginia, and started his career as a developer. Since then, he has worked for a major Japanese auto manufacturer, multiple U.S. government contractors, and Sumo Logic. For the last 12 years, Seth worked in the cybersecurity space as a systems engineer, SOC manager, technical account manager, professional services lead consultant, solutions engineer, and now as a Field CTO. Seth is a practical, yet optimistic, advocate for businesses that need to increase the visibility of their attack surface, detect and respond to real cybersecurity threats, and educate cybersecurity professionals.
More posts by Seth Williams.
