Jeff Schilling, CISM, explores the importance of managed cloud security and proactive threat management in part two of our Understanding Totally Secure blog series. Be sure to check out part one with Armor founder and CEO, Chris Drake.
Q: What does Totally Secure mean to you?
Jeff Schilling: Totally Secure to me means having the following elements of a security program in place:
- A defendable architecture or environment that was designed with security in mind, not just bolted-on as an afterthought.
- A threat intelligence program that identifies the most likely threat avenues of approach, tactics and techniques. This enables us to protect customers against cyber threat actors. We are proactive in our approach, offering protections that make it more difficult to carry out a successful attack while reducing the surface area for attack.
- A security operations team, like Armor’s SOC, that’s focused on hardening the environment against attacks. The team needs to be able to efficiently and effectively analyze indications of compromised data. We use telemetry from our security controls to detect threat activity early in the kill chain. This enables us to contain, eradicate and recover from compromise in such a short timeframe. It’s why we can boast a dwell time 100 times shorter than the industry average.
Q: What’s the importance of managed cloud security services for organizations with sensitive cloud data workloads?
Jeff Schilling: Globally, there’s a shortage of more than a million security professionals. This means only well-funded organizations have a shot at hiring and maintaining a quality security operations and threat intelligence team. Most organizations are better served by relying on the capabilities of managed cloud security providers like Armor to protect their critical cloud data.
Q: How can organizations proactively manage threats to their cloud?
First, they need to understand their cyber risk, which can be calculated by the linear equation:
Risk = Threat + Vulnerability – Security Operations
If an organization doesn’t understand these threats, they won’t have the knowledge required to truly understand the risk of a data breach and how to assess their vulnerabilities.
To protect themselves effectively, customers must identify what data is valuable to non-targeted, commodity threat actors and which data is valuable enough that it might attract more skilled, targeted threat actor teams. You’ll never stay ahead of threats if you can’t complete the first step of classifying which data is the most critical to your business.
Q: What’s next for Armor?
Jeff Schilling: Our goal is to continue to improve our detection and incident response rate through our OODA process refinement. We will leverage the automation and correlation capabilities of our SIEM for increased effectiveness.
Q: What does this mean for our customers or prospects with sensitive cloud data workloads? What’s the biggest benefit?
Jeff Schilling: For Armor customers, the biggest benefit is simple: you can expect industry-leading dwell times and the best possible defense against breaches.
Next week: Understanding Totally Secure #3: Best-of-breed technology and integrated & automated solutions with Ozan Talu, VP Product Management, Armor.