October 9, 2024
It wasn’t too many years ago that only large-scale organizations and enterprises were compelled to worry about cybersecurity. They were the primary targets for malicious actors, and so they seemed to be the only ones thinking about defense. But just like most things, that has completely changed.
Small and medium-sized businesses are just as vulnerable to cyberattacks. Without the size and resources to bring security in-house, most turn to managed security service providers (MSSPs) for help. In fact, plenty of large-scale organizations and enterprises also use MSSPs to augment and expand their internal teams.
As a result, the service provider market has rapidly expanded (more like exploded) in recent years. These service providers are often faced with a lot of too-good-to-be-true vendor marketing.
I’ve encountered a lot of skepticism in meetings with Sumo Logic’s service provider partners who have to balance the need for new technology and the need for solid, reliable solutions. While this is a challenge faced by all purchasers of technology, the risk of investing in the wrong solution is compounded for security service providers.
Operationalizing, hiring, and mastering technology isn’t something that can be done with the stroke of a pen from procurement. The investment and risk that is accepted when providers decide to adopt new, critical technology is serious, and shouldn’t be taken lightly.
My perspective on the topic of oversaturation and general technology fluff might be surprising, considering my role as Field CTO for Partners at Sumo Logic. I advise all partners to embrace skepticism. It’s vital to understand what outcomes and value a technology investment can deliver for your organization. Don’t get caught up in the latest shiny widget because that is what is covering your LinkedIn feed.
“Oh wow! That platform that was just announced by that huge corporation can solve all of our needs and our customers’ needs in one place,” said no one who has ever been in charge of diversifying critical services or infrastructure. As budgets squeeze and vendor technologies expand organically or through large-scale mergers and acquisitions, we increasingly see a push toward consolidating critical systems with a single vendor.
While some amount of tool consolidation is good, and necessary, don't fall for the soup-to-nuts marketing that you are hearing from security vendors. Diversity of data, technology, location, and pathways should always be the priority. This is not an advertisement for Sumo Logic, either. While I feel Sumo Logic is the best solution for service providers, it is naive to think that it is the answer for everyone. Stay skeptical when evaluating the technology that is going to be critical to advancing your mission.
It will always be up to you, the service provider, to thread that needle and determine how consolidated you can get without relying too heavily on a single vendor. You’ll want efficiency AND the best possible tools for the job. Here are some questions you can ask yourself during an evaluation:
What is the impact to my business if this solution has significant downtime?
Can this solution be used to improve my business in other areas or with other business units?
What is the primary use case of this solution, and how critical is it to my business?
Can I use this solution to improve my KPIs without compromising employee satisfaction?
Am I only evaluating this solution because it has been offered at a ridiculously reduced rate?
Will entrenching my business into a single vendor set me up for increased costs in the future?
Last, but not least...
This question cuts through the noise, and ensures that an expensive investment is being made with the right mindset. Service providers bear a heavy responsibility, managing critical infrastructure and security activities for a wide range of organizations. Your obligation is to ensure you are protecting your customers and reducing their risks by aligning their critical systems with you.
With so much noise and information overload in the market, it’s imperative that you continually return to this simple (and oh-so-complicated) question: Will this decision introduce an unacceptable amount of risk into my business/mission?