Gigamon Applied Threat Research: The Security Services Life Cycle

The Opportunity

As security threats continue to advance, the security knowledge gap widens, leaving organizations struggling to keep pace. This creates a severe disadvantage, considering that just one security breach could offset years of profit or, even worse, serve as a company‐ending event.

More often, organizations are seeking trusted security advisors to help fill that gap and leverage their knowledge and resources to reduce the overall business risk. This is where the security services life cycle comes into play to help you best enable and empower your customers.

Security Services

At its core, security services are wide ranging and designed to identify, correct and mitigate known or unknown security gaps and risks through assessments and incident response support. These services, while transactional in nature, provide the foundation for a trusted security advisor.

The security services approach needs to be flexible and must be designed in the client’s best interest to provide maximum value at the customer’s budget. Budgets will vary as much as the size and security maturity of an organization and understanding these components will help you customize your approach to yield the most value.

Compromise Assessment

One example of a security service is a compromise assessment, which is a technology‐driven review of a customer’s environment to identify evidence of current or historical malicious activity, such as security breaches These assessments can be further augmented with health assessments of the customer’s security posture to identify additional security gaps. During mergers and acquisitions (M&A), organizations are hesitant to combine networks when they’re uncertain whether the environments are clean, making the compromise assessment technique especially popular during M&A activity.

Managed Services

As organizations leverage security services, they often naturally require more assistance. As security programs mature, they require more help, so their overall business risks remain consistent as they scale as a company. Managed services provide the key answer to helping your clients minimize business risk during this process.

Much like security services, managed services come in many shapes and sizes, from managing devices to monitoring the environment for security threats. While customization becomes more difficult for managed services due to scaling the service itself, various tiers can be applied to best accommodate specific requirements.

Managed Security Services Provider

To take a closer look, let’s use the example of a Managed Security Services Provider (MSSP). A base offering is one that installs fully managed standard security tools and provides alerts based on security signatures, indicating a potential security incident.

The next level up would be to introduce a threat hunting service on top of the base MSSP offering. Threat hunting is the act of proactively collecting data from customer environments and analyzing the information to identify anomalous activity. This addition will add value to customers who are looking for more than just a reactive security program that’s solely dependent on security alerts and provide additional margin for your services

Security Product Services

As part of security and managed services, product opportunities will naturally arise from recommendations that surface during the services. As the trusted partner, customers will look to you for input on which products are best to solve any identified gaps. This is a perfect lead for additional implementation, optimization, and additional managed services.

An Example

A typical example of this might occur during a compromise assessment. Your services team identifies visibility gaps in a customer’s cloud environment. They are not able to monitor their cloud environments as they would the rest of their enterprise network. Your team can recommend leveraging Gigamon GigaSECURE® technology to provide network data to the Gigamon Insight solution. This expands your existing MSSP service that you provide the customer, and the customer now sees a more secure environment and reduced business risk.

Tying It Together

Each phase of the security services life cycle plays off of each other. There is no one correct starting point. It’s irrelevant whether you begin with security services, managed services, or product services. What matters most is identifying the customer’s security gaps or pain points and presenting a menu of services readily available to advise them. In doing so, you’ll create an avenue through which to grow along with your customers and serve as their trusted advisor.

Source: Gigamon Partner Newsletter, Jason Rebholz

Contact your Exclusive Networks Account Manager today to learn more about the Gigamon Applied Threat Research solution.