Enterprises can choose among a wide array of technologies to handle every aspect of IT security, from malware defense and identity and access management to intrusion detection and distributed denial-of-service mitigation.
At a time when IT security has become a top priority for more organizations, security vendors are courting prospects by applying advanced technologies, such as behavioral analytics, in their systems to add context, improve accuracy and accelerate time to resolution. Enterprises are lured to offerings by promises of proactive defense, streamlined management and limited downtime.
On paper, IT security looks sleek and streamlined. But the reality is that too many under-resourced security organizations are straining to handle multivendor security system management. Typically, heterogeneous security portfolios are populated with a variety of appliances, systems and tools purchased on an ad hoc basis. These systems often don't work together in any way to help the enterprise establish a cohesive defense.
To have effective security system management, an enterprise needs a variety of protections and controls that contribute to the common objective of supplying vital intelligence and response capabilities. IT security professionals complain of sifting through a deluge of alerts from their security portfolios -- notifications dominated by false positives -- only to miss an actual breach in the flood.
Suppliers adding integration platforms to boost security system management
More vendors and managed security services providers are trying to remedy this situation by offering platforms that act as integration points for more comprehensive and collaborative security practices. The concept is not new: security vendors and managed security services providers have long pitched their underlying platforms as a way to integrate the functionality of multiple point products. But security suppliers are stepping up their efforts to work with third-party vendors to improve integration between technologies in security portfolios.
That said, there is still room for progress in security system management. The best way to improve the outcomes from an existing investment in security technology is to try to map out objectives and look for new ways to leverage point products to address existing gaps. Look for ways to improve the use of current technologies. For example, find a way to sift through vast volumes of data captured by a security information and event management product using an analytics tool, or apply trending data to develop better policies to eliminate common user errors that result in data leakage.
In some cases, organizations may need to enlist third-party advisory services to redesign the way they use existing systems. Ultimately, what IT needs to do is to look at security system management as a holistic practice that requires orchestration, communication and collaboration across both devices and personnel to succeed.