
Visibility the starting point for many security pitches
Whether it be DORA or just trying to reduce the risk profile for a user, those in the channel with the expertise to uncover risk are set to benefit
Customers are increasingly recognising the need for visibility to ensure they minimise security risk, but the channel has some way to go in encouraging users to face up to the “unknowns” connecting to their networks.
Users are facing increasing pressure from compliance regulations, with DORA, the recently introduced banking and financial services regulation, being a topical example. Channel partners looking to help customers abide by DORA or any other compliance regulation need to have visibility of the network. The advice from the security market is to start by getting that approach right.
“You’re only as strong as your weakest link, and oftentimes the weakest link is actually your third parties and partners because it’s often overlooked,” said runZero’s global technology evangelist Wes Hutcherson. “Organisations do not know what they do not know. Sometimes they just want to turn a blind eye to it.”
He said that the decision to let things run was often made because, of all of the potential risks, sharing visibility would challenge the existing systems.
“If you look at a lot of the compliance regulations, much of it is like ‘conduct vulnerability scans on whatever XYZ cadence and then prioritise based on whatever CVSS scores’. You’ve got to have some kind of prioritisation. Well, what about all the different exposures outside of that?” said Hutcherson.
He added that a lot of the issues were not being picked up by legacy products and customers were not spotting vulnerabilities caused by old applications, connected tech and abandoned cloud projects.
“It’s kind of changing that old guard mentality from vulnerability scanning, vulnerability prioritisation, put the agents on it so it goes way beyond that. And I think that’s the dangerous part, because that’s where you discover the unknowns and the unmanaged, and that trickles down to everything that’s connected to you,” he said.
Hutcherson said that partners could use visibility as a jumping-off point to cover a wide range of customer requirements.
“Visibility is the foundation for security. It doesn’t matter if you’re looking at it from a prevention standpoint, you have got to know, essentially, every asset that’s possibly out there, so that you can start to discover all the exposures across it and meditate based on prioritisation,” he said.
“You have also got to look at it from a detection or response standpoint, because if an attacker gets in, you’ve got to know they came in and where they could have gone. And then how do you respond?”
Hutcherson added that, as well as compliance causing customer flashpoints, there were ongoing opportunities for the channel to help identify risks for firms going through M&A processes.
He said that the timeframes for most deals and the slow process of due diligence often meant that customers were unable to assess risk before the merger was implemented, adding: “They do not have enough time during the M&A to discover everything that’s across the attack surface that they’re about to connect with.”
Channel partners that develop expertise around compliance and risk management are going to have an advantage beyond simply covering customer needs with the likes of DORA.
“I think it will become a competitive advantage for some organisations,” Hutcherson said, adding that other partners could turn their backs on supporting customers with DORA regulations if it was not a large enough part of their business.