Measuring Security as a System of Systems

This week I was presenting at the Gartner Evanta Global CIO Executive Summit in beautiful Hilton Head Island, South Carolina. The idea of measuring and optimizing security as a system of systems came up multiple times in conversations and presentations. This topic was even brought up by Jay Leek, Managing Director at ClearSky, formerly the CISO of Blackstone, during his opening discussions about the thousands of disparate security companies that exist today.

Bringing proof and clarity to security as a platform to measure, manage, improve, and communicate security effectiveness as a system of systems is what the Verodin Security Instrumentation Platform (SIP) is all about. Anton Chuvakin and Augusto Barros, also with Gartner, address this notion of a system of systems in their recent Gartner report.

Security is made up of multiple tools and multiple vendors. Some organizations have security tools from dozens of different security vendors while others have hundreds. Regardless, security operates as an interconnected system of a bunch of smaller security systems. This is complex, and it needs to be measured so that you can validate the efficacy of your security controls and ultimately glean value from your security investments.

The concept is relatively simple. You have security tools across endpoint, email, network, and cloud. You want to ensure that those tools are working how you want, providing value, and that they are working well in concert. For example, you might want your firewall to block attack ABC or want your IPS to detect attack ABC. And you might want your SIEM to receive the events from the firewall, the alerts from the IPS, correlate them, and notify a security analyst about the incident.

With so many security tools—each with complex configurations, dependencies on other security tools, the network, operating systems and applications—being able to measure, manage, and improve the security effectiveness of a system of systems requires a purpose-built solution.

Verodin SIP is that solution and helps to validate the efficacy of your security tools and the system of systems overall. SIP helps to address gaps and ensure that the fixes applied work as desired. And SIP will alert you if any of the systems within the system stop operating as intended.

Having a level of visibility across all your security systems, being armed with proof as to what’s working and what’s not, and actually being able to validate your system of systems was never truly tenable in any type of automated, consistent approach until now. This is precisely what Verodin SIP does. SIP will manage, measure, and improve security effectiveness for your system of systems with robust reporting and trended analytics that allows technical and non-technical decision makers to understand, from their perspectives, how the system of systems is operating and what level of further instrumentation is needed to improve.

back to blog