How to manage vulnerabilities with limited resources and budget

Johannesburg, 04 Nov 2019
Read time 3min 10sec
Matt Ashman, chief commercial officer, KHIPU Networks
Matt Ashman, chief commercial officer, KHIPU Networks

IT budgets are strained and shrinking. Gartner predicts that global IT spending will grow at just 0.6% this year due to slowing global economic growth, recessions, trade wars and stalled Brexit talks.

Cyber crime, on the other hand, is on a steep upward trajectory, with four new malware samples being created every second, a marked increase in remote and IOT attacks, and incidents of data theft spiralling out of control.

Businesses and public sector organisations have a long list of demands that are placing significant pressure on their networks, resources and budgets. Everyone is trying to get maximum return on their security and infrastructure spend, and they’re grappling with how to protect their networks against vulnerabilities with limited resources and on an often tight budget.

Network analysis

For Matt Ashman, chief commercial officer at KHIPU Networks, a good starting point for businesses is to understand how much the organisation’s current network actually costs, and how it can be simplified and expanded to support the ever-growing business requirements. Analysing how much the current network really costs can help maximum return on investment and influence further investment decisions.

“Understanding vulnerabilities and how to protect against them with maximum security doesn’t have to be overwhelming,” says Ashman. “Organisations should take a small and manageable approach to risk assessment by asking a few simple questions. They might not have all the answers, but they will get an indication of how to start mitigating risk.”

Outsourced nerve centre

One way to manage vulnerabilities despite budget restraints is to use a security operations centre (SOC), says Ashman.

As the nerve centres of any security strategy, SOCs continually analyse, monitor, detect and respond to anomalies and threats that could otherwise go unnoticed. They combine the latest technology, strict processes and a team of skilled security professionals. But not all organisations – especially small and medium-sized businesses and those in the public sector – have the skills, resources and budget to manage an SOC in-house.

According to the SANS 2019 SOC Survey, a typical SOC employs two to five analysts. An SOC for a much larger enterprise can employ upwards of 100 analysts, who must be adept at using security information and event management (SIEM) platforms, threat intel platforms, log management systems, and security automation and orchestration (SOAR) tools.

Ashman notes there’s a growing need for external security operational monitoring because accessing, as well as the ability to retain the best resources to effectively monitor a network for breaches and anomalies, can be expensive and time-consuming.

“Key to getting the best return on an SOC investment is to work with a partner that understands that there’s no one-size-fits-all approach to security. The security operations team must fully understand your security strategy as well as your organisation’s risk tolerance levels in order to effectively maintain the level of security that your network requires,” says Ashman.

He adds: “External operations centres can support organisations that do not have these resources or capabilities to hand. Managed service providers can monitor a business’s security posture around the clock, using the latest in AI and network monitoring technology, and can provide the solutions and support at a much lower cost than if the business were to manage this function in-house.”

Vulnerabilities and security technology evolve much faster than most businesses can handle. For businesses that lack the resources to develop and manage their own SOC, outsourcing is often the most cost-effective option.