“The defender has to be right every single time,” said Travis Guinn, principal partner solution architect at Microsoft, at the CDW Solution Forum on Cybersecurity. “The attacker has to be right once.”
This stark truth illustrates what’s at stake and why security leaders must focus not solely on tools but also on strategy and communication.
The forum, held Oct. 19 and 20 in San Antonio, saw more than 100 IT and security professionals gather to discuss solutions. CDW Executive Vice President Buck Bell noted in his opening keynote that in the face of more sophisticated attackers, more complexity and more areas of weakness, holistic cybersecurity solutions “have become much more critical than they’ve ever been in the past.”
Tools Can’t Save You, but Communication Can
“Security has never been more closely aligned to the business and the outcomes of businesses,” Bell said. Gone are the days of a lone staff member maintaining endpoint security; it’s now the responsibility of the entire organization.
Enter security operations centers. As security needs become more complex, many organizations are operating SOCs to manage solutions. With a SOC, personnel can do what they do best. For example, a cloud security specialist might work with a network security expert, who then consults with a hardware security specialist, with all parties coming together to function as an organization’s security nerve center.
Click the banner below to keep in touch and receive Insider content after the conference.
Existing tools such as security information and event management (SIEM) and security orchestration, automation and response (SOAR) solutions may be used by a SOC, but that entity’s job is to see the big picture. Communication is critical to the mission.
“One of the things that we’ve seen is that in SOC teams and IT ops, there’s starting to be some sharing that’s created around silos,” said Larry Burke, principal and vice president for global security strategy at CDW.
But it’s not just IT professionals who need to talk; it’s organizational leaders. The state of security today is one of change management, not technology, Burke said: “Somebody is going to sign the check,” and that person needs plain-language insight that tools and data alone cannot provide.
EXPLORE: Why has zero trust has become an essential security strategy?
Talent Drought? Automation to the Rescue
“I get asked all the time what the biggest threat in cybersecurity is now,” said Apollo Hernandez, security adviser at Splunk. “Some will say insider risk, others will say ransomware. I think it’s lack of people.” Hernandez’s insight is backed by his peers: 66 percent of security leaders say staffing is a challenge.
The SOC is part of the solution here, and the growth of SOC as a Service offerings reflects the reality that in-house talent is often unable to fill the gap. SIEM tools such as Splunk’s that offer holistic insight into other tools may also help organizations overcome their security staffing issues.
But artificial intelligence may be the tool that sees organizations through this period of change. When an organization gets literally millions or billions of alerts each day — only a tiny fraction of which require action — no human staff can keep up with the demand. Automated tools, particularly for organizations that are leaning into the Internet of Things, can offer support.
LEARN MORE: How can operational technology assessments help bridge the IoT divide?
Data Makes the Big Picture Visible
Security professionals seeking the big picture may also benefit from looking at another tool: data. However, simply gathering data isn’t enough. Without insight, it is essentially useless.
“People need to have visibility into their data to be able to respond to things or make their decisions,” Hernandez said.
While automation is becoming an effective tool for cybersecurity, the human element will always be required. Creating a collaborative culture of security focused on communication helps underscore its place in the mission.
Find BizTech’s full coverage of the event here, follow our live news coverage of the CDW Executive SummIT on X (formerly Twitter) at @BizTechMagazine and join the conversation using hashtag #JoinCDW.