3 Reasons to Partner on Incident Response and Forensics
By Isaiah Hogberg
Data breaches have become commonplace, leading to an increased demand for security services. Gartner says spending on information security will reach $90 billion in 2017, an increase of 7.6 percent over 2016, and top $113 billion by 2020. Analysts expect spending on better detection and response capabilities to be a key priority for buyers. A recent Forbes Insight survey shows 68 percent of respondents plan to enhance their incident-response capabilities in the next 12 months.
Partners looking to help customers strengthen their security postures may want to connect with a security incident response and forensics firm, or even add such a practice, to proactively protect your clients before they experience a breach. Here are three reasons this is a worthwhile investment.
1. It can bring you additional sales opportunities.
If your clients are subject to regulatory standards such as PCI DSS, HIPAA, SOX ITGC/COBIT, NIST 800-53/FISMA, or NERC CIP/SCADA, they’re required to have an incident-response capability. By partnering with a cybersecurity incident response team, you can enhance your position as trusted adviser by helping them ensure they’re in compliance with industry mandates. It can also lead to additional sales opportunities for you. For instance, the cybersecurity incident response team might identify weaknesses in the client’s IT security that you can help address.
2. It demonstrates you’ve got your clients’ best interests at heart.
When it comes to cyberattacks, the common view is that it’s not a matter of if a company will be attacked, but when. Today, the view is changing from “when" an attempt will be made to “when will we be successfully attacked." Only the largest enterprises can afford to have an IR (incident response) team in-house. It takes specialized and well-equipped personnel to deal with attacks — they must work expertly and efficiently to minimize loss, protect the organization from further damage and restore operations. Experts can work side by side with your client’s team, providing an authoritative voice on the best actions to take and when to take them. By using industry-leading tools to capture and analyze the data in a forensically sound way, they give your client insight into what has been compromised and how it was done. And of course, they can help clean up after the incident and make sure the problem that let the attacker in is fixed. Having this level of security experience at hand can be a strong selling point as you talk to prospects.
When clients have a cybersecurity-incident response team on retainer, that team can become familiar with the customer’s business and infrastructure and thus can act quickly and effectively if an attack occurs. In my experience, it’s much more cost-effective to have a team on retainer than to pay them after a breach has occurred.
3. It protects your business.
When a breach occurs, failure to maintain chain-of-custody – and therefore the ability to ensure the integrity of collected data – may result in the validity of that data being questioned. This is particularly true when working with multiple teams that might include your client’s internal departments as well as your own organization. Given how closely you no doubt are working with your clients, the last thing you want is to inadvertently compromise data forensics as a result of less-than-optimal chain-of-custody procedures.
With 79 percent of companies having experienced a cybercrime in the past 12 months, selling your solution with a cybersecurity-incident response plan is in your clients’ best interests and yours. At the end of the day, partnering with an incident response team enhances your capabilities with specialized expertise that will strengthen your position as a trusted adviser for your clients and could lead to additional sales opportunities.
As vice president of channel sales for ViaWest, Isaiah Hogberg is responsible for managing strategic partnerships along with driving and delivering hybrid IT solution sales for the channel partner program.