This blog post was written by the new CEO of Risk I/O, Karim Toubba. You can read more about our new CEO announcement here.
I have always been drawn to solving substantive problems that lay the foundation for change, particularly in the security industry. To date, much has been written about the sophistication of the hacker, and even the most casual news reader is bombarded with the latest highly publicized attack. Ironically, organizations continue to spend more money than ever on security technology (the entire industry spent over $46B last year – ABI Research).
While new technologies are needed to drive efficacy, especially in light of ongoing threats, they alone are not going to address this challenge. Talk to any security practitioner, from security operations or analyst to CISO, and they quickly point out that they are inundated with the newest tech to protect them against the latest attack. This so-called “layered” security model has left organizations with a myriad of security technologies, from network to application to client, each of which provides an inherent value and holds critical information about attack patterns. Yet these technologies are still largely siloed and require increasingly highly skilled security staff to maximize the information these systems produce. As a friend of mine often reminds me, “there is no Moore’s law to the human brain.” While SIEM platforms attempt to aggregate the data, the boil-the-ocean approach, over-reliance on the forensic and compliance use cases, and the often expensive and complex integration task mean the mass market is not able to leverage the full capability of these solutions. While big data holds promise, most of the platforms have gone the way of general-purpose platforms that can process any and all data, missing the opportunity to focus on solving this vexing problem in security.
The long-lived idea of “layered security” needs to give rise to a better way to connect the layers, understand what the data means, why it matters, and most importantly make it actionable in a meaningful way to security operations teams. Of course, low time to value is a key tenet if we expect broad adoption.
Laying the foundation for change is never easy. It requires insight, a leap of faith, and maniacal execution. I joined the Risk I/O team to help lead the charge in solving this substantive problem. One that, when solved, will have a lasting impact on the security industry and our customers.