Too Many Products

by | Dec 30, 2016 | Security

Not Enough Solutions

Do you know when you say something and do not listen to what you are saying?

Do You Understand The Words…

For a while now, I have been saying 3 main things:

  1. Bear is focusing on the IoT as traditional enterprise security is a crowded mess of products
  2. The IoT is disjointed and really needs a unified, secure environment where IT can provide functionality in a safe world
  3. The IoT is really just an extension of the Internet

That last one is the kicker and, really, the IoT is the vast majority of the enterprise – 80% and growing.  The IoT dominates those systems that are supposed to create a safe and secure environment for the enterprise systems.  As everybody knows, however, the IoT is anything but safe.

The problem, when I finally sat down and realized what I was saying, is that the enterprise is not safe, overwhelmed with more products than ever and no closer to providing a safe environment.  Take the example of a SIEM (Security Incident and Event Management) product as they encapsulate all that is wrong with enterprise security these days.

A SIEM vendor sells the product to a customer simply to look for anomalies that might represent an intrusion.  That is it – there is no ability to do anything about the intrusion, no real insight into the intrusion itself, the outcome is extremely limited.  The product itself is so complex to install and maintain, however, that the customer will most likely have to hire a completely different company just to install and maintain the SIEM product.  In the end, the customer is paying two vendors just to run one product that is, at best, able to find 30% of the possible intrusions…and only in the ever-shrinking traditional enterprise space.

A SIEM vendor sells the product to a customer simply to look for anomalies that might represent an intrusion.  That is it – there is no ability to do anything about the intrusion, no real insight into the intrusion itself, the outcome is extremely limited.  The product itself is so complex to install and maintain, however, that the customer will most likely have to hire a completely different company just to install and maintain the SIEM product.  In the end, the customer is paying two vendors just to run one product that is, at best, able to find 30% of the possible intrusions…and only in the ever-shrinking traditional enterprise space.

Does nobody else see a problem here?

 

We need a new approach to security, a move away from disparate, competing products into a services models that combines technologies into seamless suites of secure systems – all invisibly enabling companies to return to what they do best without worrying about yet another online attack.

This solution is coming, check back with us to learn more…