What the fractured security ecosystem means for your business

It’s a fairly common story these days. You close a credit card account and open a new one with your bank. You check your statement a few days later, and, surprise – the “closed” account is still open, and it has accrued an $8,000 charge. Somehow, critical aspects of your identity had been stolen and misused, and if you hadn’t thought to make sure that account closed, you may not have been able to stop the invader from racking up charges in your name. Immediately, you have one thought: I need help fixing this.

Going through a security breach on your company’s data sparks a similar reaction. No matter what systems you had in place to avoid the attack, it hit; no matter how long it took you to detect it, you’re likely going to need help in the recovery process. Enter the security ecosystem – the network of security professionals, vendors, and partners who help one another navigate the incident response process and improve proactive data protection measures.

At least, that’s how the ecosystem should behave. At times, it does – for example, when companies avoid vendor lock-in and use open APIs to collaborate. Then, they can share their findings and advance the industry together. However, if a company can’t analyze a problem (such as a security incident) from end to end, with a clear view of where it originated, its path to growth and its eventual aftermath, it’s not fully prepared to solve that problem. Members of the modern security ecosystem frequently find themselves in this position.

The success of an ecosystem in any industry, including security, relies on the participation of companies within it. Below are a few ways your team can contribute to the security ecosystem and protect sensitive data at the same time:

  • Help start – and grow – communities around the technologies you use. There’s a reason VMware, Amazon and Microsoft are more than companies – they’re forces to be reckoned with due to the ecosystems they’ve developed around their products and users. Connect and collaborate with users who deploy the same solutions as your team, and you’ll help one another become more adept and prepared for security events.
  • Avoid dead ends. If one of your security solutions has a hard stop in terms of the type of data it protects, it’s up to you to cover that ground between its realm and another solution’s area of protection. Solutions that create dead ends or weak spots within your infrastructure can ease a hacker’s path toward your sensitive data.
  • Get help when you need it. I couldn’t have solved the fraud on my bank account without calling my bank, proving my identity and having an associate address the problem at a corporate level. You’re not alone in the fight to secure your data. Don’t be afraid to seek help – and when you do, work with partners that offer ecosystem-friendly solutions, rather than point products that will lose value over time.

Are you taking preventative security measures to stop a breach before it happens?

  Like This
Andrew Hay

Andrew Hay

With over 15 years of data security experience in various roles inside organizations as well as advising them, Andrew serves as the chief information security officer at DataGravity. He is responsible for the development and delivery of the company’s comprehensive data security strategy. Prior to DataGravity, Andrew was the director of research at OpenDNS (acquired by Cisco) and the director of applied security research and chief evangelist at CloudPassage.