FireEye takes the load off anxious businesses
Better protection, lower cost, scalability are all on the plate with SECaaS
The chief Information security officer seemingly cannot win.
On one hand is a growing shortage of cybersecurity resources — skills, tools and processes — while on the other is a threat landscape threatening to spiral out of control.
Enter Security-as-a-Service (SECaaS), or in this case, FireEye as a Service (FaaS), with a solution that may just stand between the IT organisation and catastrophe.
FaaS capabilities were in full display when the service in March identified a spear phishing campaign that appeared to be targeting personnel involved with United States Securities and Exchange Commission (SEC) filings at various organisations.
FireEye suspected that this campaign was associated with the financially motivated threat group known as FIN7.
Mohammed Abukhater, regional director for MEA (Middle East and Africa) region at FireEye says FaaS offering gives enterprises the edge they need in contending with the modern attacker in an era of rising – and increasingly sophisticated – cyberattacks.
“FireEye as a Service provides continuous compromise assessment and response, using FireEye products and intelligence to detect signs of intrusion early and provide the answers needed to respond effectively. In most cases, detection through response occurs within hours, drastically minimising the scope, impact, and cost of a breach,” Abukhater says.
Although as-a-service model exists widely within the VAD and reseller segments, it’s very rare among vendors.
Now, more than ever, the security-as-a-service model is of greater importance, says Abukhater, as it allows the managed services team to be an extension of an in-house security team. “As an organisation grows and evolves, its security portfolio must be aligned with IT and business needs. A SECaaS partner facilitates the organisation’s ability to scale its required level of protection at any time based on the needs of the business.”
Organisations in the Middle East region are realizing the inherent benefits of the security-as-a-service model, which is slated for substantial growth in the years to come.
FaaS can be seen as extension of FireEye broader and expansive cybersecurity platform.
Abukhater explains that the FaaS service applies FireEye investigation technologies like Enterprise Forensics, Threat Analytics Platform and Endpoint Security to retrieve and analyse data from a company’s network traffic recordings, security device logs, and every endpoint within its environment. Evidence is compiled, a timeline of events is constructed and knowledge about threat behaviour is utilized to track down an attacker rapidly.
As new attacker methods are discovered, FaaS creates and deploys new intelligence through FireEye detection technologies such as Network Security, Email Security and Email Threat Prevention to seek out and block those same attack characteristics across the FaaS community.
Alleviating the acute skills gap within cybersecurity is one of the key benefits of the SECaaS model.
Citing stats from Frost & Sullivan, Abukhater notes that the gap between security openings and skilled people to fill them will reach 1.5 million by 2020. Clearly, a rise in cyber activity will create a worrying skills gap in the future – an issue that needs to be addressed, he warns.