Proactive protection: how SOCs are helping Aussie partners stay ahead of security threats – ARNnet

From enterprises and the courts to even the tax office, no Australian organisation is immune to the threat of cyber hacking. Figures show at least 12 million Australians have had their data exposed by hackers in recent months, showing the scale of cyber-criminal activity goes far beyond the high-profile attacks on Optus and Medibank. Business leaders and chief security officers (CSOs) will naturally be on their guard and will be more reliant on their trusted partners than ever before. But just how can the channel up its game to ensure customers are fully protected?

One of the recent trends to emerge from Gartner’s latest security predictions report was the increased need for threat planning, ensuring hybrid digital environments are consistently monitored. Known as continuous threat exposure management (CTEM), this method is predicted to cause a 66 per cent reduction in breaches by 2026 by enabling early identification and prioritisation of suspected breaches.

One of the key methods for Palo Alto Networks’ partners to embed this high-level threat management into their offerings is through security operations centres (SOCs).

Janet Docherty, director for channel and alliances for Palo Alto Networks Australia and New Zealand, emphasised the urgency for partners to understand this technology and its benefits for customers.

“[With] SOC services, many customers are looking at ways they can enhance their proactive protection, remediation by either building their own SOC or having a managed SOC offering, this operation and automation of threat management is very high on agendas,” she explained.

“The prevention of cyberattacks has become a top priority for Australian organisations, and many are looking at how they can improve their protection to prevent potential data breaches. However, building and managing a team to run a SOC can be costly and take away valuable resources from their core business, whether they are small or large organisations. This is where partners can play a key role.”

Partnering with a SOC allows partners to add high-level threat management into their offerings, Docherty explained.

For small-to-medium-sized partners or those struggling with Australia’s talent scarcity, these partnerships ensure necessary cyber skills are readily available within their organisation and, by default, to their customers.

This eliminates the need for extensive investments in technology, personnel and training, and therefore extensive costs spent on in-house security infrastructure.

Thus, a SOC offers scalability and flexibility, allowing partners to adapt their security strategies to the evolving threats and needs of their customers.

“Ultimately, these benefits enable customers to focus on their core business objectives while effectively mitigating cybersecurity risks, thus ensuring the long-term sustainability and resilience of the organisation’s operations,” Docherty said.

“At Palo Alto Networks we are hearing this from all customers large or small, partners really need to understand this, the automation of these types of services will free up analysts to do more proactive security posture assessments.”

Set up for success

Australia’s cyber security skills shortage is well-documented. According to AustCyber, the nation’s cyber security industry could have up to 30,000 unfilled positions between 2022 and 2026. Partners are naturally bearing the brunt of that shortage.

“As cyber threats grow, SOCs are becoming ever more resource-hungry. Finding highly trained security analysts is getting tricky with a shortage of qualified staff,” said Docherty. “Meanwhile, attackers are growing ever more sophisticated, leveraging artificial intelligence and machine learning to attack at greater speed and with scale.”

According to Docherty, this means automation must be a priority for partners. Both mean time to detect (MTTD) and mean time to respond (MTTR) are key metrics in determining the success of their SOC.

“At Palo Alto Networks, our SOC technology leverages AI/ML to stop threats at scale and speed up incident remediation,” Docherty said. “By using AI/ML, we centralise data sources into a single platform, stitching data points to pull together the entire story for any given incident, providing complete context. We also use AI/ML to quickly and accurately identify and respond to malicious security events.”

Docherty noted that some Palo Alto Networks partners are already offering SOC services and proactive intelligence solutions, using the vendor’s technology to enhance their own offerings. Partners can also leverage Palo Alto Networks’ threat intelligence service Unit 42, which last year uncovered a 49 per cent bump in victims reported by ransomware leak sites around the world.

Partners are also building and offering managed security services, using SOCs and threat detection to monitor customers’ environments and bringing in the right resources and level of expertise to escalate and resolve when required.

Nevertheless, partners may find they are grappling with increasingly complex environments, with Australian end-users’ infrastructure often using either a hybrid-cloud or multi-cloud environment. This increases the challenges of configuration, monitoring, incident management and compliance.

However, Palo Alto Networks is aiming to help partners with this through its secure access cloud and recently launched cloud security features, which aim to quickly spot suspicious behaviours, trace security issues to their source and protect software-as-a-service (SaaS) applications.

“The landscape is changing, we are seeing large tech companies acquiring other large companies and this is bringing uncertainty to our partners and customers, customers and partners have made significant investments with these changes it will affect partners’ livelihoods,” Docherty said. “Security is still front of mind with priority and number one on the priority list.”

Docherty added that Palo Alto Networks is helping to sell and deliver its solutions through rigorous enablement.

“It’s important to Palo Alto Networks to provide the best security solutions to our customers, and to be profitable to our partners, while also maintaining our overall growth projects to the market,” she said.

From a customer perspective, partnering with a security provider that has a SOC is a powerful reassurance that their critical systems are in safe hands.

“When the overall risk of cyber security breaches is reduced due to the presence of a SOC, it signifies several positive outcomes for customers,” Docherty said. “Firstly, customers feel more confident in entrusting their sensitive data and valuable assets to organisations that have strong security measures in place. This increased trust stems from the knowledge that the organisation is actively monitoring and mitigating potential threats to safeguard its information.”

Most importantly of all, Docherty added, a reduced cyber security risk means that customers are less likely to experience data breaches. Such incidents can result in financial losses, reputational damage, and legal liabilities.

“By mitigating these risks, organisations demonstrate their commitment to protecting customer data and maintaining the confidentiality, integrity, and availability of information,” Docherty concluded.
