Nuance, knowledge and networks — cybersecurity in the cloud era

By | 3 minute read | April 20, 2020

“It didn’t need to happen.”

Every time I read a news story about the latest bank data breach or public library being held hostage by ransomware, I find myself shaking my head and repeating those words. Because far too often, the root cause of these successful attacks isn’t due to the brilliance of some criminal mastermind — it’s due to a lack of expertise or resources within these companies that leaves them unable to adequately protect themselves.

At this point, cybersecurity is something that we all need to consider. We’re vulnerable in our daily lives as we carry around portable computers in our pockets that have access to all of our bank accounts. And we’re vulnerable in our businesses where private customer information and financial records are just as valuable to thieves and hackers.

And with so much vulnerability, we need to be more aggressive in how we protect ourselves.

The myth of perfection

Ask any business out there, “Are you 100% secure from an attack?” And they’ll answer, “No.”

At this stage, we’ve all accepted that there is no such thing as 100% when it comes to cybersecurity. At least, there isn’t if you’re trying to run a business.

It’s not a matter of if you’re going to be attacked. It’s when. And that’s when speed matters.

The only way you’re going to limit the damage done by an intrusion is by catching it early. You don’t have days. You have minutes. Because the longer these intruders are spreading laterally through your network, the greater chance that their impact will be catastrophic.

That’s why we here at Alert Logic have focused so heavily on managed detection and response (MDR). As one of the industry’s first MDR providers, we’ve worked closely with our customers to empower them with the visibility and insight into their own networks to quickly let them know when they are being attacked and how they can effectively respond when these threats come.

In particular, MDR is useful for small- and midsized businesses. These companies don’t typically have the internal personnel or equipment to run in-depth vulnerability scans or spend time researching the latest attack vectors. Often, they’re struggling just to make sure that every system has the latest patch.

But with a managed solution, they now have access to our pool of experts. They’re benefiting from our research. They’re relying on our analytics to know where they’re vulnerable.

And pursuing a similar philosophy of relying on outside experts and resources, more and more of our customers have also been transitioning to cloud-based environments.

Securing the cloud

In fact, that’s how we first began working with IBM and why we eventually became an IBM Business Partner.

One of our customers, a successful e-commerce platform provider to midsized businesses, was migrating to IBM® Cloud™, and we met with the IBM team to discuss running an MDR solution within this new environment. They were a very talented group of architects and developers, and we realized that these were people that we could work with — that we wanted to work with.

One of the keys to building an effective MDR solution is nuance. No two businesses have the exact same goals or security strategy or even architecture. They have unique risks. They have unique reporting requirements. So MDR within these organizations must be equally nuanced, responding to potential threats according to the individual needs and priorities of that specific customer.

And now, working within IBM Cloud, we have access to the insights, direction and advice of the IBM team. We can gather security-related information and connect to existing IBM Cloud interfaces, equipping us to provide our best analytics and response recommendations. Our customers in IBM Cloud can now easily generate the reports they need on their activity and compliance with standards. And all this while we boost the accuracy and actionability of the results that we provide.

Teaming with IBM, we can now deliver MDR in IBM Cloud that offers the right insight and the right reporting. Best of all, we’re giving our customers the ability to protect themselves.