What’s in a Buzzword?
They’ll say tomato if it sells
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . .
I saw a post on LinkedIn today, meant for small businesses, that was about “security as a service”. It was a diagram listing several ways to outsource parts of your security process. If you too saw this diagram, and know its originator, please do NOT put the company’s name in the comments!
As a person who believes in the VISO (Virtual Information Security Officer) concept, it definitely attracted my attention, given that it didn’t list VISO as one of the ways to outsource your security process. That automatically makes me suspect the “diagrammer” probably works for some Managed Security Service Provider. And, like many MSSPs, they just don’t have the people to offer the VISO type of service. I rue when diagrams meant to educate leave out parts of the equation that don’t serve the “diagrammer’s” purpose.
And of course, I took note when this particular diagram listed what our company does, naming the “product” as “SIEM as a Service.”
While I do like that description, my goodness, when are we going to settle on a name for what infotex has been doing since the turn of the century? For us, the quest for a name first started when IPS/IDS was supplemented by what we called Logmon. That morphed to ELM (Event Log Management) and when we put everything all in one big data database, our examiners started calling us “Managed Security Service Providers” (which is what we are, in my opinion).
Then, people started referring to our SIEM as a SIM, and calling us their Managed SOC (Security Operations Center). Briefly… very briefly… M-SOC was the new name.
Now I believe we’re back to MSSP.
You say tomato and I say tomato. Whether it sells the tomato or not.
One year at a conference we started hearing the term, “threat hunting.” Right there, at the conference, we investigated what people meant when they would say, “oh, you do threat hunting.” We thought to ourselves, “so what we’ve been doing all along is now called threat hunting?”
Nihilism is a philosophy held by people who think, among other depressing things, that life has no meaning. I’m starting to feel nihilistic about the nomenclature and buzzwords used for what we do.
In looking at this diagram, which also lists EDR, IPS, Firewall Management, IAM, DLP, and Awareness Training, I’m going to posit that infotex, to the “diagrammer”, is a Managed Security Service Provider that offers its own SIEM. If the “diagrammer” was being objective, I would hope they would point out that the SIEM was designed by IT auditors.
Our SIEM leverages EDR, IDS, IPS, ELM, Change Detection, Port Monitoring, O365 monitoring, and many other network monitoring and incident response services that small banks, credit unions, and small businesses can deploy as a way to outsource a segregated response to cyber security attacks.
A mouthful. And the way to summarize that mouthful is this: a SIEM is three teams working as one, and the result is that our Clients sleep at night.
Original article by Dan Hadaway CRISC CISA CISM. Founder and Information Architect, infotex
“Dan’s New Leaf” – a fun blog to inspire thought in IT Governance.