Are there any cybersecurity as a service (CSaaS) providers that actually offer end-to-end security?

LeadershipArchitecture
1.1k viewscircle icon3 Comments
Sort by:
CEO and Co-Founder in Software4 years ago

When you look at the EDRs like CrowdStrike and Cylance, initially they were do-it-yourself and then it became a SIGI play. Of course CrowdStrike was a marketplace play from day one. Today I still don't see a truly managed CrowdStrike offered. They do have services but they don't come out and say so like Expel’s model—I own the tech, people and delivery. I haven't seen that from these big companies.

Of all the offerings, if you look at these vendors, they're definitely not offering end-to-end. Arctic Wolf Networks and Alert Logic might because they do anything and everything for everybody. But when you look at BlueVoyant, Royal Quest and Expel, they're clear on what they won't offer. They're in that EDR, MDR space, treading cautiously: “Bring in your own tech, we'll manage it for you.”

Lightbulb on2
Board Member, Advisor, Executive Coach in Software4 years ago

CrowdStrike was first to do endpoint detection and response (EDR) technically and sell it in their Falcon product. Cylance went with prevention first as did SentinalOne. CrowdStrike started wrapping services around it because after people bought into the technology, they were still having issues with the complexities because it's a complicated space. So because it's a complicated product, CrowdStrike saw an opportunity to make money by selling a service on top of it. That removed a road block for some people who wanted the capability and better protection but had a hard time recruiting all the people required. And it's easier for CrowdStrike to recruit and retain with all the pizazz and market buzz.

I would argue that even in a real enterprise, you don't have full-scope endpoint management in the traditional IT space, let alone in the security aspect of that endpoint. It's because we all cut corners and don't have agents on everything. I could say it's a problem with the vendors and that they're doing it to maximize their PnL and meet the customer’s needs as best as they see fit. But internally, I still think that most internal enterprises I know don't manage the endpoints completely, not to the extent that they probably should. We get to the 80% and we call it done.

Lightbulb on1 circle icon1 Reply
no title4 years ago

Good enough is good enough on many fronts. I would agree with that. I think in many enterprises it's probably driven from a broad priority level downwards.

Lightbulb on2

Content you might like

JBS has announced it paid hackers the equivalent of $11 million in bitcoin to resolve a cyberattack last week after consulting with internal IT professionals and third-party cybersecurity experts. Do you agree with their decision to pay?

https://www.axios.com/jbs-pays-11-million-ransom-end-cyber-attack-e9a85abd-754f-4fcc-827e-907ce30ea3ac.html

Yes71%

No28%

Why is your organization currently not utilizing AI in your contact center?

We are currently using AI in our contact center19%

Our data is not easily/fully accessible between departments41%

We use conversational AI for web chats, but not for telephony20%

We just can't justify the investment16%

Other (please comment)1%

View Results

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented 

Read More Comments

I am looking for insights on establishing an Architecture Review Board (ARB) within our organization. As we aim to enhance our architectural governance and ensure alignment with our strategic objectives, we recognize the importance of setting up an effective ARB. To this end, I would greatly appreciate your guidance on the following aspects:       1. Establishing a Charter: What key elements should be included in the ARB        charter to clearly define its purpose, scope, and authority?       2. Member Selection: What criteria should we consider when selecting members for the ARB to ensure a diverse and knowledgeable board?       3. Review Process: Could you share best practices for structuring the review process to ensure thorough and consistent evaluations of architectural proposals?       4. Decision-Making: What are effective methods for making decisions within the ARB, and how can we ensure transparency and accountability?       5. Documentation and Communication: What templates or tools would you recommend for documenting reviews and communicating decisions to stakeholders?      6. Measuring Success: How can we establish criteria for measuring the success and impact of the ARB on our architectural practices? Your expertise and experience in this area would be invaluable to us as we embark on this initiative. Any additional insights or resources you could provide would be greatly appreciated. 

Read More Comments

CIOs - how do you remain adaptable and open to change in the face of the unknown?