Blum will talk about this and other security trends in his “Security Landscape: Market in Flux” session on Monday at the Computer Security Institute’s 33rd Annual Conference and Expo in Orlando, Fla.
This integration is also expected to simplify security oversight, with fewer tools and easier management of all that data they generate. “If you had one vendor provide everything for you, then it wouldn’t [be able to easily] keep up with change and new attacks,” he says. “And if you have too many different vendors’ products, you can’t keep up with the burden of integrating” it all and you’re probably not getting the best bang for your buck because you’ll also have to invest in integrating the tools.
The key is not getting trapped on a treadmill of having to buy a new security tool every time a new attack vector is discovered, or a new compliance requirement comes along, he says.
Meanwhile, there’s still no easy way to manage — nor sift through the false alarms — the data security tools generate. Today’s network operations centers don’t typically encompass all of an organization’s security management, “Most of us don’t have security in the NOC. You see security teams playing more strategic roles than operations, such as compliance, high-level risk management, etc. And they need to be able to exert control through distributed points as well… You can’t do it all from one NOC.”
http://www.darkreading.com/document.asp?doc_id=109786&WT.svl=news1_3