iscover
Andre CueninShare this article on:
Powered by
MOMENTUM
MEDIA
In response to the sharp uptick in global cyber crime activity, proliferation of ransomware and geopolitical uncertainty, there are two options for organisations looking to shore-up their cyber defences, which could be in-house talent development or acquiring a managed service, according to Andre Cuenin, Rapid7’s chief revenue officer.
The below transcript is an excerpt from a recent interview between Andre Cuenin and Cyber Security Connect journalist Nastasha Tupas.
Looking at Rapid7's mission, one of the things that is really important for us is called "democratising security", meaning make it available to more people.
That's a big mantra for us when we develop product and value delivery, going through the entire lifecycle of every support or managed service, aiming to simplify complexity, making something understandable, not only for the subject matter experts.
The benefit to come out of it is not just the usability piece, but also time to value. That means you need to develop solutions, which have to deliver value really fast. Some of our products like identity detection and response (IDR) and our SIEM solution is probably the world's best when it comes time to value, that is how much out of the box capabilities you get, by solving 80 per cent of the use cases. So, I think it's a very specific and intentional approach, knowing how much labour shortage there is in cyber security. And when you look at some of the economic data, cyber security continues to be in the forefront of IT spend, given how significant it is for companies.
Finding talent is also another challenge and companies have two options. First, they can develop talent themselves, for example, leveraging the graduate talent pool from universities and train them in-house. The other option is acquiring a managed service. For example, you might have enough people to use vulnerability management internally, but if you want to have a SOC for detection response, which needs 24/7 coverage, you might not have the resources to do it yourself, and you decide to go for a managed service.
What we have done as a company is two things.
One is simplifying the user interface. The other two pieces are related to a strong MSSP strategy, which is designed to help partners deliver the service. But we also have a service wrapper for some of the strategic products ourselves.
For example, if a company doesn't have 24/7 SOC capability but likes our detection response capability, that we offer a managed service, wrapped around it to kind of help solve that problem. The advantage for a customer is starting with a managed service and once the customer has then caught up and has their own in-house resources, the product is simple enough for the customer to use while keeping all the implementation Rapid7 has done on their behalf.
The average number of security products customers have globally is 45. From a technology point of view, for customers, integrating the technology is a major task. Both large and small organisations have been finding it quite difficult to wrap their head around solving the integration challenge on different levels.
Complexity is a function of the elements that need to interact exponentially, which is getting more and more complex, and that makes it much more difficult for companies who are hands off with their security management. As such, providing tools to enable the customer to solve the integration challenge is a tremendous benefit.
Be the first to hear the latest developments in the cyber industry.
