Today’s enterprises operate with a plethora of tools and technologies. Security teams, as part of the overall technology group, are no less inclined to be part of the tools acquisition movement. Purchasing a technology “created by experts” is a comfortable way to demonstrate to senior management how the team is tackling problems head on. However, are more tools helping enterprises become more secure? Not necessarily, says Adrian Sanabria, Co-founder and Director of Research at Savage Security, a security consulting and advisory startup.
During a video interview during Back Hat, Sanabria explained that the security industry has been conditioned to buy expensive technologies to help secure the organization—the attitude is predominantly “build vs. buy.” “It’s something that’s been taught, that we’ve learned. It’s been the narrative given to us from marketing [teams],” he said. Sanabria believes, however, that security teams and their respective enterprises can gain a lot of ground by first looking at their current toolset.
Before researching a technology to help with X, Y, or Z, Sanabria said organization need to take a step back because they “don’t understand what they have” already implemented, and generally haven’t looked fully at what the tool can do if tweaked or customized. Broadly speaking, when most buyers acquire a technology, it’s used for the purpose(s) stated in the marketing materials; few look deeper at possibilities.
Which is a shame, according to Sanabria. Solutions to many problems can be found within many of the tools security teams already rent or own, and even more are freely available. If you know where to look.
Check out the video below to hear Sanabria’s thoughts on the tools marketplace and what you, as a security practitioner, can do to increase your efficacy without increasing your budget.
Adrian will be teaching a full-day workshop entitled "Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows and Your Wits" at InfoSec World 2018.