VARs must add more value in security

Value-added resellers are perfectly placed to step in and help customers as the global threat landscape continues to escalate, argues Performanta Ltd CTO Lior Arbel

The cybersecurity threat landscape is changing. We are seeing an upsurge in basic to complex attacks from threat actors who are being aided by an increased availability of underground offensive security technology. Fully developed and tested malware, remote access tools, and other malicious toolkits are readily available for free, rent and sale on the black market.

Malicious actors can now repurpose an existing toolkit to create a new threat, rather than developing their own. This has drastically reduced the cost of a crime spree. This cost reduction is one of the central driving forces for the growth in cybercrime and is seeing a dramatic increase in profits for threat actors. A recent Trustwave report estimated a 1,425 per cent return on investment for a single malware campaign. In contrast, the cost of a company's defensive technology continues to increase and become more complex.

The only way to counter this escalating threat landscape is for all companies to deploy a holistic and adaptable cybersecurity strategy. But what is the most efficient way for the market to do this? The vendors who create the defensive solutions primarily specialise in the research, design and development of their product and are not suited to create these networks. However, a security VAR is perfectly positioned between the technology providers and the customers to fill this void. Many security VARs are wary of taking on this responsibility but they must do so to stay relevant in the market and increase profitability as vendors simply do not have the capability or inclination to take up this challenge.

Many vendors today specialise in one technology, whereas it is rare that a company will have only one technology deployed, leading to necessary merging and possible interaction issues. It is likely that a VAR has teams that specialise in multiple technologies who have secured either vendor-neutral certification accreditations such as the Certified Information Systems Security Professional (CISSP) certification or vendor specific accreditations. In addition to accreditations, VARs have a wealth of hands-on experience gained from operating across different customers' network environments.

VARs that gain these accreditations can develop the capability to seamlessly fuse products into a cohesive secure network, creating a final, more resilient layer of defence which lends itself to a strong security posture. They can also carry weight with end users and provide customers with a confirmed level of expertise. In these ways, VARs should aim to become an extended arm of the company's own security plans, knitting it together and bringing the disparate parts into unison. In doing so, the VAR can become an invaluable partner as well as secure ongoing business.

Vision is required to achieve this holistic security approach. It can be specific to a customer, but it can also be more general across your company. A VAR should work to determine the customer's ideal plan for a protected network, incorporating any modern technologies, and their own expertise. This vision can be used to talk to customers in an informed way, and bring their internal security into alignment with the VAR's expert opinion. When this is combined with the customer's existing solutions, specific requirements and budget, you can find the middle ground that creates a holistic network for each of your customers.

This customer-specific vision will take into account what the company needs to secure, the shape of the network, and legacy IT solutions; and creates one plan that covers all aspects of the network and possible weak spots. This is a difficult thing to do, and requires a high level of expertise within many aspects of security. VARs that are are too conscious of just "box shifting" need to invest more time in improving their professional service capabilities to achieve this kind of company-wide strategic approach to network design.

With the global threat landscape continuing to escalate, companies must ensure they are taking the necessary steps to protect their network and sensitive data. The reality is that many companies cannot afford to retain the skills necessary to adequately protect their networks. There is a definite opportunity waiting for VARs who are willing to invest the time to become experts and are able to assist companies in building secure networks with expertise gained from multiple vendors. VARs that successfully provide these services will be more appreciated by their customers, improve their bottom line, and be aiding in the global fight to battle cybercrime.

Lior Arbel is CTO of Performanta Ltd