Felipe Medina, VP of Information Security Architecture and Operations, BankUnited
“When you go with a more SaaS-based or
cloud-native solution, you’re focusing on
becoming a refiner and consumer of that data and platform.”
Consider the cost of maintaining agents’ updates, platform updates, and troubleshooting issues with servers or network communications. You cango with a brick-and-mortar solution that does well, but you’re not factoring in the amount of upkeep and maintenance required. When you go with a more software-as-a-service (SaaS) – based or cloud-native solution, you’re focusing on becoming a refiner and consumer of that data and platform. Gone are the days of constantly patching servers. Ask yourself, What’s the result instead of that patch? What’s the result instead of what you’re introducing into the environment with a new policy?
Instead, create a baseline of what you’re doing with a SaaS platform. Then, you become a consumer and refiner of that data, but you’re not necessarily bound to that platform. That’s one factor that I would say security leaders need to consider, especially if they have a small security team. The smaller your security team, the more painful it will be to stay ahead of that threat-hunting and threat intelligence piece. Making fundamental changes — including mindset changes to make us a more cloud-native organization — enabled us to get ahead of the curve.
This is an excerpt from 7 Experts on Transforming Your Threat Detection & Response Strategy. This eBook was generously sponsored by Trustwave.