Amit Gil, Security Practice Lead
“Security is a changing landscape and requires constant care, feeding, skills, products, and processes well beyond just SIEM,” begins Eric Walker, Sr. VP of Technical Services at GlassHouse Systems (GHS). Innovations in the IT domain are moving at lightning speed, and so are the sophistication and complexity of the cybersecurity beast. Given the risks that the BYOD era poses, the security landscape is expanding beyond the four walls of the organization, making it more difficult to keep track of threats. In addition, with the proliferation of technologies like cloud computing, the parameters that demand protection are constantly growing and changing. Against a backdrop of rapid technology transformation and the ongoing war against cybercrime, companies invest in SIEM systems for better visibility of, or response to, theft. “However, one cannot learn these technologies fast enough; companies struggle to find the right expertise and to know what’s best to implement in their environment,” says Amit Gil, Security Practice Lead at GHS. This is where GHS steps in, with skill sets built on deep expertise in IBM QRadar and similar products that allow customers to look at future impending events. The company brings to the table best-in-class managed and professional services and a team of talented personnel who focus on learning new technologies and helping customers implement the best fit for their organizations.
GHS maintains expertise in implementing and managing SIEM environments, focusing on IBM QRadar, by following best practices and by employing cybersecurity experts who define these practices and follow them. “Our managed services focus on developing templates or workflows integrated into the SIEM, which defines the maturity of response in case of any incident encountered,” explains Walker. GHS expands its capabilities beyond the IBM QRadar SIEM to leverage customers’ existing toolsets.
Besides incident response, the next essential piece of the process is automation. The company is well positioned to leverage automation to reduce cost and enhance the security posture of its clients’ organizations.
Typically, a client engagement begins with a proof of concept (POC) to confirm that the client needs to implement a SIEM in their infrastructure and to identify the right process for the implementation. Next, the onboarding phase involves the client in defining the notification and escalation processes and the core management of the SIEM solution. “We conduct different workshops with the customers to identify all their requirements, which is followed by going live with use cases and reporting in place. We start monitoring the environment 24x7x365, providing feedback and alerting through those escalation tasks that we identify,” adds Gil. Further, the lifecycle involves developing new processes or introducing new technologies in the client’s environment that will fortify their security posture. “Reducing complexity and costs is a by-product of leveraging the client’s investment; GHS designs solutions that integrate with minimal disruption,” both entrepreneurs agree.
With a clientele encompassing almost all industries in the market, GHS has enabled businesses to reconstruct their infrastructure, thereby strengthening security. To elaborate, one of GHS’s eminent clients lacked the appropriate skill sets and resources, which had an impact on their security posture. GHS performed a POC of several SIEMs and deployed the most advanced one, resulting in upgraded business procedures within two to three months, with the system up and running with the managed services.
GHS aims to grow in terms of practice and personnel in the near future, as well as to expand its product intake while pushing its business toward predictive analytics. “A SIEM solution must be viewed as a means to improve customers’ security posture, but it doesn’t end with implementation,” says Gil. “GHS focuses on the identification of anomalous patterns, hunting for threats, analysis of new patterns and creation of proper workflows to improve security incident responses.”