Cybersecurity Teams Struggle to Fix Vulnerabilities Amid Budget Cuts and Layoffs
It’s an uneven split. On top of an ongoing need to fill cybersecurity positions, many industries now face budget cuts and, consequently, reductions in force. While some have hired too many, others are making ends meet, and the result is about the same: companies big and small are now struggling to secure their networks with less-than-optimal resources.
AN OLD PROBLEM
With a grimace, we ask – What’s new? Here at Nomic, we’re trained to fight for (and with) the little guy. For the most part, understaffed cybersecurity departments and dehydrated security budgets are the long-standing reality of most of our clients. And yet they have to secure their digital resources the same as anybody.
Arguably, some have a greater call for security, given the fact that they are medical centers, schools, and local municipalities. If something goes wrong at that end, the consequences could be far-reaching and publicly disastrous – they extend far beyond the bottom line.
So, we thought we’d take this moment to chime in with some level-headed advice about weathering the storms of shortages, cuts, and stretched resources. We were built off this model, and our customers come to us for help with these problems every day. That’s why we’re here, and that’s why we advocate for technology solutions like managed network detection and response (MNDR) and a support team filled with experts who know how to make your security spend stretch.
THE OUTPOST: SAVING THE FIREWALL TIME
I was recently at breakfast with a client, and he was telling me about the challenges of securing two adjacent cities with only one small IT team. The task was behemoth: they had invested in a top-of-the-line firewall just to handle the load and had segmented networks in order to keep both cities’ resources straight.
He explained how relieved he was to have Nomic’s Outpost device sitting on the edge of his network, cleaning up 80 to 90 percent of the traffic that would normally hit that enterprise firewall. It not only saved him time, but it gave his firewall the cycles it needed to do its job.
In a nutshell, Outpost sits on the outermost edge of the network, and it uses constantly updated threat intelligence from our network of Nomic devices around the globe to detect and block the most recent known threats as they approach your systems. Positioned right in front of the firewall (not behind it), it fields a good deal of traffic before your firewall even gets the chance.
It can also offload future internal security burdens by hiding your network – we call it Network Cloaking – when a malicious exploit pops up. That way, there won’t be any subsequent probes, additional attempts, or further nuisance from attackers, as they won’t even see you there.
LEANING ON MANAGED SECURITY
The obvious way to bat down strains in personnel is to hire out. Partnering with an MNDR provider is a great way to “do more with less,” as you get instant experts at your fingertips and don’t have to worry about training, onboarding, insurance, HR issues, or management. It’s plug-and-play.
THE EXTRA LIFT
Nomic’s MNDR solution gives you the power of an in-house SOC without the overhead. Go beyond just ferreting out attacks: disrupt exploits at the perimeter, identify outdated systems and misconfigurations, and discover latent vulnerabilities before they fall prey to bad actors.
Plus, with autonomous threat defense, your MNDR platform can be doing the job you may no longer have the personnel to fill. Consider the following capabilities, and then think about how your organization is fulfilling these jobs now (or if they even are):
- Parsing through threat feeds to identify emerging attack strategies
- Hiding the network from incoming attackers
- Finding outdated software, misconfigurations, and Shadow IT
- Gaining total network visibility: eliminating blind spots end-to-end
- Discovering devices infected by malware
- Blocking outbound C2 attempts
- Disrupting attacker reconnaissance
- Blocking inbound attacks
- Reducing the firewall’s CPU load by 70%
That’s quite a list, and that’s exactly what we do. With Nomic MNDR, everything on that list is checked and off your plate – all for less than the cost of a single new hire.
THE EXTRA MILE
Besides our unique technology, the advantage of a Nomic MNDR solution, for example, is that you receive a level of customer support unheard of in comparison with the big guys. When you call in, chances are you’ll be talking to a person that’s had a hand in the code themselves and can walk you through the issue on the spot. You don’t get a phone farm with first-level support: you get a company member you know by name and the knowledge that they care as much about the product succeeding as you do.
You may even get a call from them first. Our clients are always surprised at how proactive our support team is. We take our jobs as partners very seriously. Our team is on the watch for any alerts or issues once our agents (Outpost and Insight) are deployed on your network. When something comes up, you may just get a call saying that we’ve already remediated the issue.
Not to toot our own horn, but our dedication to our clients earned us the first-ever TAGITM Industry Partner award in April. It’s an honor, but what we really love is that our small team is making a difference that can be felt.
PLAY SMARTER, NOT HARDER
Looking at it from a wide-angle lens, bigger companies that have had to lay off a significant part of their cybersecurity workforce have an opportunity ahead of them. For months we’ve been preaching the benefit of having to economize now and how smaller teams had the opportunity to build lean (while bigger ones had the option of building bloated). Now, it looks like everyone has the same chance.
Taking things down to basics gives companies of all sizes a chance to reassess the effectiveness of their current approaches. Were they run by efficiency or sheer people power? Were they doing more with less or more with more? Were existing resources (like fancy, expensive firewalls) being pushed to the max, or were they reinforced by smarter tools already on the market?
And lastly, were teams spending extra money on overhead, training, hiring, bureaucracy, and more when they could have stuck to their core competencies and allowed us to do what we do best?
As the industry moves forward, I hope we all learn to lean on each other a little more. This is a tough gig. Big corporations and small mom-and-pops alike need the option of calling in a friend (or a company full of them) when times get tough.
Here at Nomic, we try to be that (really smart, really security-savvy) friend that can deliver the goods when it counts and brings your security strategy to the next level.
Ted has worked with network security and web technologies for almost 30 years, beginning his career as a full-stack web engineer and transitioning to network security. He now guides Nomic and its supporting initiatives, including CINS Active Threat Intelligence.