CYBER PATROL “Of course, there’s a broad range when it comes to cybersecurity regarding how many different categories can have associated products,” Cox explained. “One trend that I’m noticing is there is high demand for good, engaged security operations centers that are proactive with the client base and making sure those systems are tuned very well.” Cox pointed to Fortra’s Alert Logic and Arctic Wolf as noteworthy options in the growing SOC space. “Take some time to understand each provider’s value play in terms of SIEM capabilities, including their approach to log monitoring and management for compliance, as well as their integration with MDM and MDRs to facilitate cross-platform transparency and expedite threat assessments,” added Cox. Companies across the board are also struggling with rising complexity in their software development lifecycles. This is a big issue for SaaS providers, and a potential pathway to revenue for partners that can provide transparency. “Companies have rushed many new technologies into the software development lifecycle over the last 36 months or so, including new infrastructures, cross-cloud integrations, API communications and containers,” said Cox. “This is creating a new set of security challenges. Companies need to improve security without having to spend countless cycles from the development team to get that clear dashboard.” Cox mentioned the benefits of working with a SaaS security management provider such as Start Left, which helps teams discover and eliminate risks in their CI/CD, cloud infrastructure and products for faster shipments with fewer security errors. “Providers like Start Left can help mature your software development lifecycles and gain better visibility without having to invest significant manpower,” explained Cox. Risk-based Approach Some additional services to keep on your radar in 2024 include managed firewall, IoT security and endpoint management. Of note, more than three quarters of respondents in the Sophos report plan on adding endpoint detection and response (EDR) and/or extended detection and response (XDR) tools in the near future. And 44 percent of organizations are planning to work with a managed detection and response (MDR) provider. “Those are all critical services that are not going away any time soon,” Cox said. “If anything, you need to be looking at the firewall vendors — specifically their integration strategies and how their technologies can protect the business inline processes that are the cash-generating aspects of clients. And how have their emerging AI, log management and SOC operational aspects been improved to protect inline business processes so that you can provide better ROI and value to those services that exist?” Simply put, selling cybersecurity services can still be challenging — especially when engaging with reactive buyers who prefer to respond during or after an attack. As a result, it’s important to be tactful when selling. Cox recommends wrapping conversations around risk management. This can help to shift conversations away from talking about products and more toward protecting business risks and cash flows. “If we could take that time to understand a risk-based approach to cybersecurity, this is going to help streamline the process and provide more value on the ROIs for the spend that we’re asking clients, customers and consumers to buy in these technology stacks and solutions,” Cox said. Cox also mentioned the importance of working with partners that understand the value of risk management. And if you don’t have them, Cox says, find out who those partners are and connect with them. “They will be able to lead you in a path that will provide value quickly to the C-level suite,” Cox concluded. “You’re going to have a lot less resistance on purchase orders if you take this approach.” o 30 CHANNELVISION | MARCH - APRIL 2024 Source: Delinea, survey of security and IT professionals Cyberthreats are now too advanced for the organization to deal with on their own Source: Sophos, survey of IT professionals Less than $10 million $10-$50 million $50-$250 million $250-$500 million $500 millon to $1 billion $1 billion to $5 billion $5 billion plus 41% 42% 48% 50% 55% 55% 60% In what area, if any, do you invest the most prevent ransonware? (Tick up to two) Source: Delinea, survey of security and IT professionals 39% 37% 31% 30% 28% 28% 1% 43% 35% 15% 21% 22% 16% 16% Network security Cloud security Endpoint security Application security Identify and access management Privileged access management We don’t invest the most to prevent ransomware in any area 2023 2022
RkJQdWJsaXNoZXIy NTg4Njc=