Verizon Enterprise Solutions , which conducts an annual Data Breach Investigations Report in addition to offering a range of security services, got a jump on the security news this week by announcing a new strategic alliance with Deloitte Development LLC , designed to make it easier for enterprises to do one-stop shopping when it comes to preventing and mitigating cyberattacks. (See Verizon, Deloitte Team on CyberSecurity and Verizon Offers Industry-Specific Security Advice.)
This is a clear example of how network service providers are trying to differentiate and refine service offerings that are as critical, but as basic, as security. Verizon has a well-established track record in detecting, tracking and investigating cyber security incidents, but Deloitte brings more specific expertise in how businesses need to respond to cyberthreats in terms of business strategies, governance and compliance issues, risk and remediation. (See Verizon Aims Big Data at Data Threats.)
The strategic alliance brings all of that to bear in one solution, says Bryan Sartin, director of investigative response for Verizon Enterprise Solutions.
"This is not a little thing -- what they have to cover in response to an attack is substantial," he explains. "This gives them one single outlet and a one-stop shop to do that."
Enterprises today that are most on the ready keep a company like Verizon on a "rapid response retainer" so they can literally have boots on the ground as well as phone support anywhere in the world within 24 hours, Sartin says, so that the second an attack is detected, the response begins.
But it's not atypical for enterprises to only become aware of attacks when notified by a third party and, at that point, the victim company may be referred to Verizon by a law enforcement agency or outside counsel. "Our job then is to come in and stop the bleeding," Sartin says. The strategic alliance with Deloitte makes these responses more thorough because Deloitte's consultants can be addressing governance and compliance issues immediately, while Verizon's focus is on the technical issues.
In a business climate where the reality is that cyberattacks will keep happening, this kind of more thorough response becomes important for many businesses, Sartin notes. It's not enough to detect and stop a data breach or other problem, when the aftershocks of that attack will ripple through business strategies and potentially cause legal and government compliance issues for years to come.
And, he adds, in probably the best quote I've gotten from a security guy in a long time: "We are able to understand the 'cops and robbers' end, and they can span into the other aspects of the back office, governance and risk management part."
As security and managed security services become something most network operators have to offer, I'd imagine more operators will look for this kind of differentiation, and some may have already. Verizon does seem early to the party.
— Carol Wilson, Editor-at-Large, Light Reading