Can’t Afford a Full-Time Security Team? Better Find a Partner

The time has passed when cybersecurity can effectively be done as an “and” job.

You know what I’m talking about. Too often still, security ends up being somebody’s and job: IT and security. Operations and security.

The reality is, no company today, whether startup or enterprise, should try to handle all its security alone — even through a full-time employee, much less as an and job. For most organizations, IT security is not, and will never be, a core competency. Given the breadth and depth of cyber attacks today, hiring all the security expertise and buying all the security tools and appliances necessary — including for threats that are relatively unlikely but could be catastrophic — is unaffordable for all but the largest enterprises.

But there is a solution.

Just as many companies outsource payroll processing or web hosting services, smart business owners and IT pros are finding that they can get more robust security for a lower total cost by working with a trusted partner such as Rackspace, which, with our recently announced new services, Rackspace Managed Security and Compliance Assistance, can offer companies economies of both expertise and scale.

That scaling applies to the many software tools Rackspace employs and integrates, in collaboration with carefully selected partners such as Alert Logic and CrowdStrike. On top of that we layer our economies of expertise, allowing our customers to benefit from the collective experience and pattern recognition of our security team, which includes specialists we’ve hired from U.S. and British military and intelligence units.

As a security product manager, my job is to help solve the overall security needs of each customer I serve. While “product manager” often connotes someone who oversees a particular offering, such as anti-virus software, my job at Rackspace is overarching. I work with each customer to understand its business and security needs, evaluate product technical capabilities, manage contract negotiation and procurement, define deployment processes and train both Rackspace support specialists and customer IT employees on any new platforms.

While most of the breaches that make the news are the result of sophisticated “advanced persistent threat” attacks targeting a specific organization, the most common breaches by far are much simpler “shotgun blast” attacks. These are most successful when someone handling IT security as an and job simply buys a handful of products off the shelf that fit within an allocated budget.

Finding the right combination of tools for a company’s specific needs can take months of research and evaluation. Meanwhile, the arsenal of tools and services available to meet those needs is staggering — and it’s growing almost every day.

I spend my days sorting through (and often fending off) aggressive new vendors pitching their latest “next gen” technology, working with established partners to figure out how we can provide more value to customers, and reading every security whitepaper, blog post and analyst report I can to get my hands on — all in an effort to stay ahead of the next evolving threat.

That’s my full time job — no and for me — and there still aren’t enough hours in the day to do everything I’d like. I can’t imagine trying to do all of that and another full time job.

As news of more frequent and advanced cyber attacks fill the airwaves and spur businesses to confront their security shortcomings, it’s important for companies to understand: you do not have to go it alone. There is an alternative. Experienced Rackspace security professionals, using leading technologies, can help secure your managed cloud and protect your business.

Finding cost-effective ways to secure the IT infrastructure of your company allows you to to focus on your core business — on the products and services that drive revenue.

That’s what I love about my job. I not only get to help organizations secure their IT; I get to help them succeed.

Jason Wolford is Product Manager for Rackspace’s Managed Security Practice. He has worked in the technology and security industries for more than 15 years, with roles in support, product management and strategy. He earned his MS in Business Administration from Trinity University and his MBA in Information Technology from the University of Kansas. He also holds certifications from the Association of International Product Marketing and Management, Scrum Alliance and the Cloud Security Alliance.


Please enter your comment!
Please enter your name here