With Jeff on the road making his way up the east coast in
yet another wet and soggy commute, I’ve been handed the digital pen for this
week’s blog.
This week, I was having a beer with a couple of colleagues and the discussion turned to the “commoditization” of security. We all know that security is one of the hottest market spaces on the planet. Security firms are selling firewalls and IDS/IPS boxes at a breakneck pace to keep up with the growing security threats and to be fair, the demands for these solutions are growing as well. But what happens when the supply outweighs the demand? You look for new things to commoditize!
In my opinion, there is more demand for knowledge and
expertise than there is for the next firewall.
In fact, I predict that by the end of 2013, the emerging hot commodity
in security will be security related communities where people collaborate and
share information in a trusted and secure environment.
You’re already seeing
many of the big players and security vendors hanging communities off the solutions they are already
providing – “Buy our Incident Response service and you have access to our
community.” This demand for communities
is nothing new for us at Red Sky. We’ve been supplying this demand for well
over a year and half now.
What drives this demand?
It’s pretty simple. The large
companies have the incident response teams to deal with APT but don’t have
enough actionable information to act upon and the small companies are lost
somewhere between buying solutions, outsourcing functions, and an uneasy
feeling that they are not seeing everything they should – that sinking feeling
they’re missing something. Sadly, they
are.
Like any hot commodity, your inboxes will be inundated with
offers to join such a community. The
costs can range from free, as a value add to an existing product, and be as
high as many hundreds of thousands of dollars.
To help navigate your inbox, I wanted to share with you what I believe
should be some of the important things you should consider when choosing which
community you partner with:
- Do I trust this community? – You have to have TRUST with whom you are sharing your most sensitive vulnerability data. Do you know the identities of the other contributors? If you don’t have trust that your information will remain private, you won’t use the community or get the most of your investment.
- Can I count on this community when I need them most? – In time of crisis, when your Incident Response Team is fully engaged, can you lean on someone for help? Do you have a lifeline that will help you or find the resources that can?
- Is the information vetted? – Make sure the information you’re receiving form the community is vetted. If the information you’re receiving is invalid or inaccurate, you’re going to waste a lot of time going back fixing things you shouldn’t have to.
- Is the community moderated? – Or is it a free for all? Moderation is important. An un-moderated community is a time killer. No one wants to sift through pages of chatter to get to actionable information.
- Is there any context to the information I’m receiving? – Is the information you’re consuming in a context you understand? No one wants to take action and not understand as to why the action being taken is important.
- Cost? – You get what you pay for. If you opt for a no-cost community, you may not get quality information or too much data. If you opt for the most expensive, you may see high turnover of membership or little return on investment.
These are just a few. There are several other things you
should consider, but this is a good starting point. We at Red Sky have a clear vision of how a
security community should work
and we’re continually improving on our strong foundation, growing our
competencies, to sustain our leadership position before the big companies
unleash their armies of salespeople!
Red Sky has built a highly trusted, cost effective, and
content rich sharing environment to help solve the APT problem by putting
together some of the most advance Incident Response Teams in the world. If you’re looking for such a community and you’re
asking yourself the question of how Red Sky can help you, please email me at rgamache@redskyalliance.org