Cybersecurity operations can be difficult, but they don’t have to be. Lumu was founded with the belief that every organization can operate cybersecurity better and more efficiently to avoid worst-case scenarios. Lumu’s founder and CEO Ricardo Villadiego was joined by Chris Steffen, Research Director at leading analyst firm Enterprise Management Associates for a Flash Talk on how every enterprise needs to operate cybersecurity proficiently. Here are a few questions covered in the talk with Chris Steffen’s paraphrased responses.
Why Does Cybersecurity Need to Be Operated?
There are a billion reasons why cybersecurity is relevant, from regulatory compliance to protecting the people and assets under your care. It’s incumbent upon all of us to pay attention to basic cyber hygiene and best practices as a part of our overall computer technology culture.
Cybersecurity can’t just be ‘bought’ and forgotten about. You can buy the tools and to a degree, you can buy talent to help you with that, but it starts with culture. Firstly, there needs to be a desire and a commitment to viewing cybersecurity as important to your organization.
Artificial Intelligence and Machine Learning can’t be counted on to automate everything away. There always needs to be a human component. AI has the ability to ‘lessen the load’, but human judgment will always be paramount when it comes to determining responses and managing the IT environment.
What Makes Cybersecurity Operations so Hard?
There are many reasons for this. It’s a never-ending task. It’s a continuous process and you can never be ‘done’. The technologies and the environment you operate in are changing so rapidly that you need to be constantly thinking about the fact that you are compromised. If you don’t have that mindset then, simply put, you are not secure.
For Small and Medium-Sized Businesses (SMBs), these problems are magnified because they don’t have extensive resources to throw at the problem. SMBs need to be focused on their risks, scaling issues, and the talent and resources needed to address those risks. And frankly, security is not always at the top of the list when the focus is on keeping the business afloat.
How Can MSPs Alleviate the Burden of Cybersecurity Operations?
Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) play a critical role. We’ve mentioned the talent shortages affecting every business sector. SMBs are more affected than most because they don’t have the resources to hire a squadron of CISSPs or the biggest instance of a SIEM solution. Partnering with an MSP or MSSP allows for the identification and addressing of cybersecurity risks, giving SMBs levels of confidence and security that would not be attainable otherwise.
Cybersecurity vendors tend to prefer building tools meant for larger enterprises. MSPs need these same enterprise-class tools but specialized so that they can deliver cybersecurity operations as a service to SMBs and cross-apply their cybersecurity expertise. MSPs don’t want a hundred screens. They want one screen where they can monitor and manage all of their customers. So, I think that the direction that Lumu is going with their MSP and MSSP offering is exactly the right one.
Watch the entire Flash Talk interview with EMA’s Chris Steffen below: