In a briefing with Infosecurity, Johnnie Konstantas, director, security solutions at Gigamon , Justin Harvey, chief security officer at Fidelis Cybersecurity and Ross Brewer, VP and managing director EMEA at Logrhythm, the three vendors stressed the need for vendors to collaborate.
Brewer said that most collaborations are “brochureware” where there are joint arrangements, but he said that taking all data and putting it into LogRhythm takes time, so the collaboration with Gigamon works as you take information and filter it down via Gigamon.
“It may be FTP or Telnet traffic, to get that feed and make that investment and that is what we are doing at a practical level and the Fidelis side takes feeds from endpoint and with our analytics, it glues it together,” he said.
“So what customers want is not you to learn on their time, they want to deliver value that is a knowing integration that has not been done before, and the use cases are in place with the response side as well.”
Konstantas said that the customer is driving the collaboration through their need for better functionality, while Harvey said: “Do you think a user wants to talk to vendor who is not talking to others, and we three want to help condense the stack down and enrich the data they have. They may have best of breed technology, but what we are seeing is customers are figuring out that best of breed doesn’t always work.”
Specifically looking at the GDPR, Harvey said that GDPR should be part of a business’s paperwork exercise, and the government puts regulation in place to meet a minimum safety standard as if they didn’t, there wouldn’t be any. “But regulations do not stop attacks such as ransomware, crimeware, espionage,” he said.
“What does stop attackers is full visibility and full endpoint visibility and being able to see it in a concise manner and I look at Gigamon, Fidelis and LogRhythm and recall that IBM released statistics that the average company has 85 products from 45 different vendors and the fact of the matter is it is way too much,” he said.
“We are dealing with an information security skills shortage and we have seen dozens of vendors not talking and doing their own thing and defending their own stance and it has made it difficult for our customers, but we are working together to have conversations and exchange data so we reduce the time to detect and resolve.”
Brewer said that with the USA having data breach notification laws, until a company is forced to do something they will not, and regulation is a motivating factor to do things right. “Without visibility what you get is a lack of full disclosure and after a company,” he said.
Konstantas said that no one technology can do it all, so even if you consolidate you still end up with at least a dozen “must have” security technologies that address issues up and down the stack.
“They all need a view of the network and as much information as possible, but how are they going to get it, so when these guys are saying that visibility is key and for it to function at its best it needs absolute information on the network, you need complete and continuous visibility and whilst we are not a security product, our sole function is to provide that to all of the security technologies so that is why we have to partner,” she said.