By Cameron Camp
With the steep rise in breaches and related financial losses, some vendors are going nuts, pricewise. It used to be you could hack together a centralized syslog for free if you had a server sitting around, but now, if you need a tasty looking dashboard, bring your wallet.
It’s easy to see why, as the speed of remediation (or stopping an attack in the first place) has been subjected to enough financial metrics to justify the spend to the boardroom and perhaps even to stockholders. But be careful, as the marketers have entered the fray – you could be buying a lot of hot air.
We’re not saying don’t spend for quality, but a healthy dose of fact-finding prior to purchase can save you more than the cost of a new hire, even in the competitive marketplace of today. Marketers have even invaded the booths of Black Hat recently, as we’ll see this year. No? Go ask a sampling of booth staff to describe BGP in detail. I’ll bet I can predict the results.
The good news is there are plenty of good technical resources and reputable companies at Black Hat that will give you good advice. But increasingly, we see non-technical people placed in charge of large departments that are tasked with protecting the organization’s IT systems, and they head to the show to find out what to do. Unfortunately, some companies prey on decision makers who have big wallets but minimal technical skills.
What to do? First, if you’re heading to Black Hat, understand that it’s a very technical landscape, where technologists will be deep in the weeds discussing the latest threats. If you’re a decision maker, bring someone of that type with you; it will be the most cost-effective thing you can do, especially compared to buying equipment that costs more than a house to solve a perceived problem that may be vastly overstated.
This year at Black Hat, it will be incumbent upon newer vendors to make sensational claims to gain market share from established vendors; call it cheap (or free) marketing. And while it’s nice to visit the startup areas and learn about new tech, consider the value of the thing you’re protecting, and remember that bleeding-edge products probably don’t have much of a track record in your field of interest.
You might, for example, do some tests on cutting-edge gear in an evaluation setting, where you can run it through its paces and determine your comfort level first. Many vendors, if they find out you’re serious, will let you do extended testing to enable you to convince yourself of the product’s value. Take them up on it.
Along the way, realize that open source projects form the underpinnings of (almost) all commercial offerings. Want the technology to continue to thrive? Spend some money and time with the open source community to support the hard work that forms the foundation for all of us. It will help all the vendors, which in turn will help your organization. Throwing a few thousand into the pot to support the community has a very large leverage effect on the good of the whole ecosystem. Some of the largest vendors have realized this, and sponsor many open source projects with resources; you should too.
This isn’t at odds with commercial vendors, who build customization on top of that foundation; it simply bolsters that effort, writ large. It’s likely you don’t own or use a single piece of software that doesn’t have open source bits at the foundation somewhere, so you’ll be helping the commercial vendors build secure layers where they are experts, and have a stronger foundation to support their trick tech.
Remember, no one thinks your information is more important than you do, so in the end it’s up to you to determine your best defense. Get all the facts and bring your own expert to Black Hat with your best interest in mind, and you’ll have a far better chance of buying good tech – without all the hot air.
https://www.welivesecurity.com/2017/07/24/going-black-hat-bring-marketing-wallet/