ChannelVision Magazine

Cyber Patrol opportunities the current state of cyber- security presents channel partners and their solution providers. For starters, it’s no longer safe to assume that attacks can be prevented. “Hackers will continue unabat- ed to innovate and expose new vulnerabilities,” said Joseph Car- son, chief security scientist at Thycotic, which offers privileged password and endpoint protection solutions. In other words, cybersecurity is not just a matter of how bad guys will penetrate networks and devices but when they will penetrate, and how quickly a company can react. “It is increasingly clear that motivated threat actors can circumvent defenses,” agreed Rick Moy, chief mar- keting officer for Acalvio, a provider of autonomous deception solutions. “How- ever, organizations are still facing an unacceptably long dwell time to detect and address breaches, with the average around 99 days.” “One challenge is inertia,” added Mike Banic, vice president of marketing at Vectra, which utilizes artificial intel- ligence to power its threat detection and response plat- form. While or- ganizations have made significant investment in pre- ventative security, such as firewalls, proxies, secure web gateway and endpoint security, said Banic, at- tackers continually search for ways to outpace prevention products. Banic points to a recent Gart- ner report in which the research firm boldly states that “prevention is futile in 2020,” making a call to action for enter- prises to shift their investments to rapid threat detection and response. “While CISOs today often admit that cyber-attackers may already be inside their networks, the majority of their spending is still on prevention defens- es,” said Banic. That’s starting to change. Gartner forecasts a 39 percent increase in spending on detection and response security in 2018, growing to an increase of 50 percent in 2019 and a 60 percent increase in 2020. Even so, “Most organizations have not yet made the re-balancing adjustment from prevention to detection recommend- ed by Gartner two years ago,” added Moy. “Channel partners can differ- entiate themselves from the pack by offering cost- effective detection solutions, including emerging technolo- gies like deception, managed detection and response and orchestration.” “Integrating the new detection and response solution with the existing end- point, NAC, firewall, workflow, ticketing and SIEM solution creates a high-value opportunity for services,” said Banic. And AI-based detection and response automation platforms such as Vectra’s Cognito are SaaS-based offerings with annual recurring revenue that increases business-model predictability for chan- nel partners, he added. Similarly, the awareness that “breaches are a fact of life” means IT departments will be looking for partners and providers that prioritize resilience, or the ability to bounce back from at- tacks, said Carson. “CISO’s quickly realize that no man is an island when it comes to staying ahead of the threat landscape and that third parties with the latest advanced knowledge and expertise will be part of their resiliency program,” said Carson. “By addressing threats of the type and scale mentioned above, IT firms that can demonstrate their ability to consult, advise and implement infrastructure that will adapt rapidly to changing conditions Tony Rock; Lockpath Joseph Carson; Thycotic Mike Banic; Vectra July - August, 2018 | Channel Vision 17