… the lack of security talent and expertise, Hinkley said.
“So from a channel perspective, if it’s hard for Fortune 500 and Fortune 1000 companies to attract security talent, it’s going to be (much) harder for a Pacific Gas and Electric (PG&E), for example, to attract potentially the security talent they need to be able to build out all of the capabilities they need internally,” he said. “So from a channel-partner perspective, there’s an opportunity to find solutions that can help secure that critical infrastructure that’s out there, or the industrial control systems, and therefore sell some turnkey security solutions to help detect and protect the industrial control systems that are now coming online.”
Christina Richmond, IDC’s program vice president of worldwide security services, said partners just starting out in managed security services should steer clear of utilities and critical infrastructure because it is extremely difficult.
“It takes a very particular set of capabilities and tools,” she said. “There are some security service providers, whether they’re MSSPs or just consulting companies, who can handle that utility or critical-infrastructure environment, but it’s still really the wild west for advanced service providers. It’s really difficult to monitor and very difficult to find challenges in.”
In the meantime, awareness of critical-infrastructure vulnerability is going to help drive understanding, and understanding is going to drive action, Hinkley said.
“Similarly, if you look at any other key sectors, whether it’s health care or financial services, you’re now seeing those industries have always been on the leading edge of thinking about security, but even more so now because you’re seeing the results of breaches in the digital economy resulting in CEO turnover,” he said. “So it isn’t being contained to just the information security officer or even the CIO when you now have officers of the companies that are being held accountable for breaches, like Equifax and others. It’s that awareness that in this digital economy it is really the responsibility of everyone in the company, up to and including the officers of the company, to understand and have an appreciation of what the risks are to the business in the event of a software attack or a cyberbreach.”
Identity Guard, an identity theft protection service provided by Intersections, has been paired with IBM Watson. Identity Guard uses Watson’s cognitive computing to personalize and customize its protection against identity theft and misuse of personal information.
Barry Kessel, Identity Guard’s chief marketing officer, tells us that businesses and organizations are providing the service to their employees as an employee benefit.
“Because the Identity Guard-with-Watson solution taps into many, many data sources – from the dark web, to public records, to social media and credit bureau data – we can more quickly and thoroughly identify patterns that pose threats by …