July 3, 2018
I always look forward to attending the annual Gartner Security & Risk Management Summit in National Harbor, Maryland. This event provides the latest insights from both Gartner and industry thought leaders, and focuses on many of the challenges facing organizations today, with key areas including agile architectures, business continuity management (BCM), cloud security, privacy and securing the Internet of Things (IoT).
In addition to the 200 vendors who showcased their security and risk-related products and service offerings, the event drew over 3,400 attendees from a wide range of disciplines, business sizes and industry verticals. Attendees included CxOs, security and risk professionals, financial analysts, business consultants, governmental agencies and others who have a curiosity for this space.
Gartner has forecasted security spending to be “robust” in 2018, with growth expected to be in the high single digits. Areas highlighted as top priorities for this spending included identity-related tools, such as Identity and Access Management (IAM) tools. Gartner has said that the most important element of any cloud and mobile security strategy is an appropriate IAM strategy.
As targeted attacks continue to plague organizations of all sizes and types, this unmet need has spurred investment across the security landscape. Spending in this area includes threat intelligence (TI), analytics, profiling and anomaly detection, and endpoint and network activity monitoring.
In March of this year Sumo Logic conducted a global survey of IT and Security professionals, the 2018 Global Security Trends in the Cloud report, to better understand the security challenges they are facing as they continue to adopt cloud architectures and invest in modern applications. The key findings from this survey boiled down to three areas:
I guess it should have been no surprise that many of the Gartner session themes, guidance and recommendations were focused around many of the same pain points and observations.
As with our global survey, collaboration was highlighted as a core competency needed to address the risks and security needs associated with digital innovation. The collaboration theme was apparent in a number of the sessions at the event, including:
“Digital Transformation Requires Integrated Risk Management” by Gartner analyst Earl Perkins. He stated that digital transformation is “the ultimate team sport” where “events and risks are shared.” He further emphasized that “effective risk management of a digital business is an interdependent connection of risk management systems.”
“The 5 Security Roles You Must Plan for in the Digital Era” by Gartner analysts Matthew T. Stamper and Sam Olyaei. They depicted collaboration as a critical criterion for selecting a successful security leader as well as becoming one yourself. According to Gartner, a successful security leader “Collaborates with other members of formal/informal teams in pursuit of common mission, vision, value and goals.”
“Security Strategies and Architecture for Hybrid Data Center Infrastructures” by Gartner analyst Neil MacDonald. Neil highlighted the benefits of development and operations collaboration (DevOps), with data showing that organizations that are adopting these methodologies are seeing “faster cycle times and realization of business value.” And further, “by 2019, more than 70 percent of enterprise DevOps initiatives will have incorporated automated security vulnerability and configuration scanning for open source components and commercial packages, up from less than 10 percent in 2016.”
SIEMs were also a common area of focus due to the challenges many are facing with today’s modern cloud and application infrastructures. In Gartner analyst Toby Bussa’s session titled “The Evolution of SIEM,” Toby stated that “SIEM technology buyers are still frustrated with the complexity of using the tools” and he also recommended that organizations “be prepared to embrace SaaS SIEM in the future as maturation and standardization occurs.” Interestingly enough, our cloud security survey revealed the same sentiment.
SaaS SIEM is a concept that Gartner analysts Anton Chuvakin and Augusto Barros covered in a recent publication, “Selecting and Deploying SaaS SIEM for Security Monitoring,” and is an area of expanding focus in Sumo Logic’s growing security product roadmap. A SaaS SIEM goes beyond cloud-based SIEM in that it follows the National Institute of Standards and Technology (NIST) model for SaaS.
Like Sumo Logic’s key benefits, SaaS SIEM advantages include:
As organizations move to the cloud to leverage the available scalability, agility and flexibility benefits, they are finding that legacy silos can slow the realization of those benefits. The concept and benefits of DevOps and DevSecOps were covered across many sessions at this year’s Summit. Here are a few of the highlights:
In Gartner analyst Michael Isbitski’s session titled “How to Adapt Application Security Practices for DevOps,” Michael shared results from a recent Gartner survey that showed that “69 percent of organizations are evaluating or piloting DevOps and the other 31 percent are actively implementing or scaling DevOps.”
In “Leadership Vision for Security and Risk Management, 2018,” Gartner analyst Tom Scholtz suggested that organizations adopt a Continuous Adaptive Risk and Trust Assessment (CARTA) approach to managing security. Tom highlighted seven imperatives (below) in this model that require the breaking down of silos for success in managing security.
In “10 Principles of a CARTA Approach and Implications for Your Security Organization,” Gartner analyst Neil MacDonald also suggested the use of a CARTA approach to managing security. Neil recommended to the audience that within the next 90 days they should “reimagine security as a set of continuously improving, data-driven processes with feedback loops.” Furthermore, he suggested that attendees take action and “stop slowing down the business and users in the name of perfect security, and to proactively get involved in DevSecOps projects.”