Security Risk and Reward Posted on July 23, 2013 by Adam Burke Market experts love to talk about Information Security. And why wouldn’t they?! It is a beautiful market of evolving requirements and according to a new report by Global Industry Analysts, it’s projected to surpass $125 billion by 2015. Market research and revenue projections aside, what does the growing need for security practices at all levels mean for the Channel? What does it mean to the SMB space? Even large enterprises get breached, and they’ve invested billions of dollars in information security and have CIO’s and Directors overseeing teams of security admins, network security professionals, and quality control processes for application delivery. Threats can come from any level, Cisco projects that 50 billon devices will be connected to the Internet of Everything (IoE) by 2020. Applications, email, networks, remote workers, Cloud hosted databases. If your clients’ business has touched the internet, it’s likely that automated malware and botnets are searching their systems for vulnerabilities. The motives behind these infected emails, watering hole attacks and zero day threats are not always known until it is too late. Corporate databases are breached, users personally identifiable information (PII) is lost and regulators penalties and damaged consumer confidence is inevitable. Developing awareness to the threat and implementing a layered active security posture is the only way to protect against the evolving threats. I spent a few years in military service and I learned that when engaging an enemy, whether in conventional or asymmetrical combat, the best security posture to take is an aggressive and evolving one. The weakest point will eventually be exposed and to remain stationary in an overconfident security posture means death. The same holds true with information security and for your clients’ businesses, whether it’s a small, medium or large enterprise. Today’s corporate security posture must be fluid, evolving and adaptable. Having a firewall is not a security plan. According to Jeff Wilson, principal analyst for security at Infonetics Research, “Companies are moving to Managed Security Services to deal with increased attack volume and complexity, and manage security product sprawl…” Your customers evolving security concerns provide you with a great opportunity to help them by introducing managed service and cloud providers who operate on standardized systems and consistently manage to best practices. Partner with an organization who has the experience and expertise to help educate your customers on their current security risks. Listen to what your clients are trying to achieve. Are they looking for an active SIEM tool? Are they trying to manage email encryption or content filtering? Positioning just one specific point solution or appliance, is just another piece of body armor that ends up on the shelf or poorly implemented. It’s the implementation, evolution and management of security solutions that will help secure your customers. Quest’s Managed Security Services approaches this with a complimentary assessment, we call it our Security for the ½ Day, and it includes a free penetration test and a table top discussion in plain language that will help your clients understand the risks they are taking and the options to improve their security posture. Bringing a Managed Security Services partner to the table, who can deliver capability rather than product will change the game with your customer, providing them peace of mind to focus on their core business.