
Customer Perspective: Budget Allocation and Security Fears for 2020

 

What new line items have you added to your cloud/infrastructure/security budget in 2020?

Cybersecurity Architect at a top 5 law firm

This year, we’re allocating budget towards two specific initiatives: threat detection and threat deception. While we still take an outside-in approach to security, we have now adopted an ‘assume breach’ mindset and are focused on the components of Zero Trust to determine our strategy for minimizing the impact of a breach. We’re laser-focused on defending our critical data and applications, so a clear understanding of what “normal” looks like will help us to detect anomalous behavior more quickly. Additionally, we’re also focused on user behavior analytics (UBA) and application access and usage.

Chief security architect at a top SaaS company

As we move further into the public cloud, we’re continuing to expand our current budget with tools like Illumio, while adding new, innovative solutions to our stack. We’re investing in EDR solutions that will beat out legacy, signature-based anti-virus protection solutions and we’re in the process of implementing hash-based analysis tools and host- and network-based intrusion detection solutions, as well as a big SIEM SOC space.

Christopher Roden, Cloud Services Network Architect, Ultimate Software

The new technologies we are looking into this year are related to capacity and expansion, continued migration to public clouds for some of our DR environments, and expanding our inspection capabilities based on application processes. We just went through a greenfield deployment for a new data center build, so we’re looking to mature that infrastructure and operationalize services that have worked well in past data centers into this new environment.

From a security perspective, what keeps you up at night?

Cybersecurity Architect at a top 5 law firm

Nothing! I sleep like a baby. To be frank, nothing would surprise me at this point, but that doesn’t stop me from worrying about the time to detection and ensuring that we minimize that time as much as possible. We’re also focused on growing our team of professionally curious individuals who will further our mission to strengthen threat detection.

Chief security architect at a top SaaS company

Our company is responsible for a broad set of customer data. We’re dealing with very sensitive information and we have contractual and regulatory obligations to maintain the confidentiality of those customers. As we know, a data breach can have a lasting reputational and economic impact on an organization, so ensuring proper security is of the utmost importance to us. That said, we’re focused on designing for security as a first order of business. We’ve implemented all of the basic principles for how to design a healthy system, including least privilege, separation of duties, default deny, keep it simple, open design, controls that people will follow, and so forth. Secondly, we implement the entire set of controls that are necessary to secure data. Not just partial implementation, but the full set of controls. This includes access management, network segmentation, patching and vulnerability management, etc. Even with all these tools (and others) in place, we may still experience a breach. As we know, attackers are becoming more sophisticated and working just as fast as security teams, so it’s a constant game of whack-a-mole.

Christopher Roden, Cloud Services Network Architect, Ultimate Software

A compromise (no matter how big or small) is always a concern. Especially from the outside-in. Application-level vulnerabilities are top of mind, but our DevOps and Security teams are working closely together to minimize the possibility of a security incident.

 

 
