Secureworks’ Wendy Thomas on Cybersecurity and how Partners can Help Customers Stay Protected
Wendy Thomas, CEO and President at Secureworks, joins Larry Walsh to talk about how to best enable cybersecurity for human progress and how partners can play a role in supporting customers along the way.
By Larry Walsh
It’s clear the issue of cybersecurity is one that’s only getting worse. In the past 15 years, we’ve seen significant transformation in terms of how cybersecurity attacks play out, going from being disruptive to actively stealing or manipulating data. Now, as they continuously get more dangerous and we become more dependent on digitalization throughout the world, these attacks can have serious consequences. Wendy Thomas, CEO and President of Secureworks, explains the ongoing need for better cybersecurity and how Secureworks is accomplishing just that.
“The impact of security is no longer individual,” said Thomas. “Now, we’re talking about security that broadly impacts people in really meaningful ways and affects their ability to live their daily lives. As security attacks grow increasingly dangerous and manipulate critical data and personal information, it’s clear to see that ransomware attacks are no longer confined to the virtual world but evolving into the physical or hybrid world. At this point, security is a matter of the human condition.”
Secureworks’ vision is to ensure that a customer can focus on securing their mission and accomplishing their day-to-day tasks. This can be put at risk if the proper security controls aren’t put into place. The company recognized the need for a change in its approach to cybersecurity after seeing that, as is common, when there are only individual security point products in place, the adversary always finds a way to weave in between the weakest points in those controls. “They need to be right only one time; we need to be right 100% of the time,” Thomas said.
The company decided to take a holistic approach to security, integrating two key components, the ability to detect the adversary, wherever they may be, and then to immediately authorize the response, as speed is of the essence before damage occurs. Secureworks uses technology like its Taegis XDR software to have holistic visibility to cross-correlate detection across an environment to focus only on the threats that matter the most, automating the response to that with the knowledge of best practice workflows. Using the XDR extended approach to security enables customers to have that last line of defense up and keeps them running to secure their progress. “It’s about the outcome, not the effort,” Thomas said.
The Taegis XDR software uses data science to pinpoint the most important alerts and threats to customers. To do this, Secureworks leveraged its knowledge of data that comes from the telemetry across leading security point products and used data science to normalize that data. The company then cross-correlated the data to reduce the noise of those alerts to those that matter most based on the knowledge of the threat and to prioritize based on an understanding of customers’ assets and the environment involved.
The software also helps get around the more general, yet pervasive, issue of a shortage of security professionals. Based on analytics complied through customer engagement and input and putting that data into machine readability and automating the response to those incidents, Taegis ensures humans only have to focus on the most complex new alerts. This automates the repetitive alerts and workflows a customers’ investigative containment actions while helping to scale the team of security professionals so that analysts can focus only on what poses the biggest risks to a customer.
Secureworks is also working on scaling and accelerating the development of security talent on a broader level. The company has developed an MSSP program to guide, train, and certify others to become managed security professionals and providers so they can provide security services themselves to their customers. This also allows MSSPs to leverage technology they’ve built and get to market faster. According to Thomas, “this can be an opportunity to build scale and develop partnerships at the same time.” Likewise, by focusing on service design and enablement, and helping partners with things like onboarding, Secureworks believes it can help offset the lack of security capabilities and limitations that partners typically have.
A lack of visibility and knowledge when it comes to security, along with an increasingly ephemeral DevSecOps environment, means customers can have a difficult time knowing they have everything fully covered, secured, and properly configured with the right access. This is why it’s so important to have a partner come in and automate the software, detecting the gaps in security early on to avoid having to return and repeat the process.
At Secureworks, customer and partner success are one and the same. “Fundamentally, security starts with trust and trust is you’re going to deliver a secure outcome for our customers,” Thomas said. By being proactive around its customers and partners, Secureworks can produce this result. Meanwhile, the Taegis XDR solution can help customers constantly curate and mature their security program, practices, and team.
Part of the company’s customer success elements lie in its quarterly security management reviews. During the reviews, Secureworks demonstrates to its customers the efficacy of the security they’re receiving and the return on the investment they’re making in Taegis. Secureworks also uses the reviews to champion how security can better enable businesses, citing the fact that its customer success team helps partners and customers with advice, training, and support when the team sees customers need it, as opposed to them waiting to ask for help. Additionally, the company uses Productboard, a customer-centric product management platform where customers and the company’s own employees can ask about products to increase customer insight and feedback.
As intermediaries between Secureworks and its customers, partners also play a role in providing the company with customer insight. The more customers partners can get onto the Taegis platform, the more data Secureworks can gather and get feedback on about how to improve the capabilities of the platform. Partners can also do the mapping of potential security threats on the company’s website, and having that visibility combined with transparency about Secureworks’ capabilities creates a positive cycle of sharing information between Secureworks and partners.
Going forward, the world is sure to grow only increasingly dependent on digital service and by extension, need even more security protection. Thomas expects this to create new opportunities for services for partners to provide adjacent to security companies, including securing evolving underlying technology and a growing need for services that support the convergence of currently unrelated IT operations, security operations, and DevOps into a much more integrated DevSecOps approach. “The thing about security is that it has to anticipate digital transformation to secure it and stay ahead,” Thomas said.
Larry Walsh is the CEO, chief analyst, and founder of Channelnomics. He’s an expert in the development and execution of channel programs, disruptive sales models, and growth strategies for companies worldwide. Follow him on Twitter at @lmwalsh_CN.