ChannelLife New Zealand logo
Industry insider news for New Zealand's technology resellers
Story image

LogRhythm outlines the healthcare opportunity for SIEM

By Heather Wright
Wed 9 Nov 2016
FYI, this story is more than a year old

Security intelligence and analytics vendor LogRhythm is urging local resellers to up their focus on the security market - now - and consider the opportunities presented by the healthcare sector, with both markets currently seeing high growth in IT spend.

Bill Taylor, LogRhythm Asia Pacific and Japan vice president, says while security spend has traditionally accounted for around two to three percent of enterprise IT budgets, that number is soaring.

“I can tell you going forward it will be five times that amount,” Taylor says.

“In terms of the commercial world they will have to spend between 10% and 15% of their annual IT budgets to protect themselves and their organisations.

“That’s an opportunity for resellers to capitalise on the security trend and that rapid movement. It’s seeing huge growth and it’s happening now so get in, get on board now, get your people trained up and get into the security business.”

Healthcare too, is seeing increasing demand for security as attacks on the sector increase, and Taylor says there is real scope for automation within the sector.

“Healthcare systems aren’t in great shape across the world and have suffered from being quite old in a lot of cases.

“A lot of tools, a lot of pieces of equipment have got very basic software on there from the mid-90s and quite often it’s not patched and leaves patients and patient records exposed to these nefarious threat actors who want to use it for financial gain or political gain.”

While patching those systems can be problematic - with many of the products, tools and software used no longer supported, he says patching them ‘to as up-to-date as possible’ is a start point.

“But on a broader front, having a series of tools that can automate a lot of this is going to be the real answer,” he adds.

“If you’re building a security operations business to protect you, you need to look at the fundamental things that are going to take care of you.

“And the first thing to do is to make sure everything is patched and up to date as much as you can and then implement a security intelligence platform to allow you to monitor and measure your baseline from what it was to what it should be and what it should be going forward.”

He says the key is having software which will monitor all the devices and provide the ability to review them and see what they’re up to and where they’re at.

“It’s impossible to do it on your own and you do need help. You need actionable threat intel, things like what are the indicators compromised, what are the changes to the external threat environment and how does that affect you internally and then things some analysis looking for some context around the incidents, the events, the threats, the campaigns, the history and how it is related to attacks you have seen or been aware of.

“It’s really having the intelligence to react and respond accordingly and take that to the executive and say these are the issues we’re facing.”

Taylor admits the healthcare sector traditionally hasn’t spent big on IT security, but says a base level of software can be ‘reasonably inexpensive’ and provide reporting, alerting and some automation to remediation.

“Having that is really important because it is impossible to read the hundreds of millions of logs and data coming out of all these devices, plus their own IT infrastructure, and their own email systems. It’s impossible.

“We recommend they have a suite of software that will automate their baseline for 90% of the environment and deal with 10%. Whereas at the moment they’re probably dealing with 50%. Really it’s making the start, stepping onto the ladder and then building thereafter,” he says.

“Having a breach is significantly more damaging than spending $50,000 or $80,000 on a fairly sophisticated security intelligence system,” he adds.

Taylor says increasingly LogRhythm is seeing resellers turning to the MSSP model to deliver the vendor’s security intelligence and analytics - something smaller healthcare organisations can harness those offerings. Larger healthcare organisations will however, need to complement it with internal, on-premise solutions as well.

“We’ve got quite small organisations that were traditional resellers of less than 20 people and they’ve kicked off an MSSP arrangement, so they’ve invested in a SOC and run our software and some other tools as well and offer that service to clients.

“Every month we get at least a couple of companies wanting to do this. So that’s new for us in the last 18 months seeing companies with this business model. And maybe they provided some consultancy services before, or they’re a traditional reseller or partner and have decided to take a slightly new tack on that security perspective and go on.

“You can also bundle that with an off-premise solution and an on-premise solution, so you can say we offer an MSSP offering to you for $x month, but at the same time if the customer would prefer to buy their own security operations centre or set up there own, then the reseller can offer that on premises as well.”

Related stories
Top stories
Story image
ValueFlow and FLI announce capital alliance for enhanced channel outcomes
ValueFlow and Founder Led Investments (FLI) have announced that they have entered into a capital alliance, which looks to expand ValueFlows business in Australia and Asia Pacific.
Story image
Fortinet attributes Gartner-reported growth to ZTNA approach
Zero-trust is slowly becoming a dominant enterprise security strategy for businesses, and the Gartner report highlights that although prominent, it is often underutilised.
Story image
Cyber resilience
NZ’s Cyber Resilience Framework to be evolving and potentially automated
The government's already putting $2.4 million into the Cyber Resilience Framework in its initial stages, what is it and why is it important?
Story image
CDC hyperscale data centres now open in New Zealand
CDC Data Centres (CDC) says two new, state-of-the-art hyperscale data centres are now open for business in Auckland.
Story image
Ingram Micro
Ingram Micro NZ Showcase On The Road is full steam ahead
After a year of COVID-19-related disruptions, the Ingram Micro Showcase On The Road 2022 is finally going ahead, with registrations now open to interested parties.
Story image
Hands-on review: OPPO Find X5 smartphone
With the release of the new OPPO Find X5 in March, we got the opportunity to explore another one of their premium devices.
Story image
Samsung introduces new generation of foldable smartphones
Samsung has unveiled its new range of Galaxy Z smartphones, bringing new developments to the company’s foldable smartphone portfolio.
Story image
Dicker Data
Dicker Data brought on as Acronis partner for A/NZ
The news about the partnership comes in as cyber criminals continue to exploit gaps in traditional solutions and strategies in NZ and across the APAC region.
Story image
Hands-on review: JBL Flip 6 portable speaker
Once you switch it on, and listen away for up to 12 hours, you will quickly realise that this is a little speaker looking for a party.
Story image
Cloud and data protection big challenges for NZ businesses
"This surge towards a cloud-first approach meant security and safety became afterthoughts - there's no point being the fastest car on the racetrack if you crash.”
Story image
NZ program recovers and recycles more than 177 tonnes of e-waste
The TechCollect NZ pilot program says its milestone of recovering and recycling more than 177 tonnes of ICT e-waste recognises the efforts of many.
Story image
Education sector seeing highest volumes of cyber attacks
When breaking down the numbers to education attacks by region in July 2022, A/NZ was the most heavily attacked.
Story image
Organisations exposing highly sensitive protocols to public internet
More than 60% of organisations expose remote control protocol SSH to the public internet, while 36% of organisations expose the insecure FTP protocol.
Story image
Cyber attacks
Dramatic uptick in threat activity with exploits growing nearly 150%
"While it’s not a surprise given increased attack opportunities like remote work, it’s still a worrying development and one we cannot ignore."
Story image
Artificial Intelligence
Exclusive: NZ-based DEFEND offers global cyber protection
DEFEND supports customers in 66 countries across the globe with a relentless focus on ensuring that every dollar spent on security provides a meaningful return on investment and reduces cyber risk.
Story image
Hands-on review: Arlo Go 2 security camera
In my humble opinion, Arlo Go 2 offers security for anyone needing to keep a remote eye on prized possessions or premises at different locations.
Story image
Ministry will no longer accept equipment from Chinese firm Hikvision
The Ministry of Business, Innovation and Employment (MBIE) says it will no longer accept equipment from a major Chinese surveillance camera maker.
Story image
How well do rangatahi understand cyber safety in Aotearoa?
Do rangatahi in Aotearoa understand the importance of being safe online, or has lifelong exposure to the internet resulted in widespread complacency?
Story image
Application Performance Monitoring / APM
New Relic integrates offering with Atlassian’s Jira Software
New Relic has integrated errors inbox with Jira Software to allow developers to easily access and set up complete stack error tracking and software performance monitoring from within the tool.
Story image
9 in 10 retailers prepared for economic challenges this year
Some 9 in 10 retailers (86%) are prepared for continued inflation, higher interest rates and potentially lower consumer spending, according to new research.
Story image
Data Protection
Zero Trust, but verify - finding the OT in ZerO Trust
The move to remote and cloud-based technologies has shifted the goalposts for cybersecurity. It now needs to cover multiple people, devices, platforms, and networks.
Story image
Machine learning
Sysdig releases CDR offering to combat cryptojacking
Sysdig has unveiled a cloud detection and response (CDR) offering powered by machine learning to combat cryptojacking.
Story image
New range of Samsung Smart Watches announced with health focus
Samsung has announced new additions to its SmartWatch portfolio, with the Galaxy Watch5 and Galaxy Watch5 Pro to be released in late August.
Story image
Dark web
Beware the darkverse and its cyber-physical threats
A darkverse of criminality hidden from law enforcement could quickly evolve to fuel a new industry of metaverse-related cybercrime.
Story image
SnapLogic teams up with meetmagic for charity and children
SnapLogic has announced its partnership with meetmagic, an online Australian platform that combines business and philanthropy.
Story image
Attacks on gaming companies more than double over past year
The State of the Internet report shows gaming companies and gamer accounts are at risk, following a surge in web application attacks post pandemic.
Story image
Snyk announces plans to expand partner network in APJ
Recognising that partnerships are critical for growth, Snyk is building an entire partner ecosystem that will drive its expansion across APJ.
Story image
Google Cloud
Google Cloud to open first cloud region in NZ - among others
Google Cloud has announced plans to bring three new cloud regions, one each in New Zealand, Malaysia and Thailand.
Story image
Tech job moves
Tech job moves - Fastly, INX, Kinly, SmartBear & Vectra AI
We round up all job appointments from July 29 - August 12, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
10 misconceptions about Techday and how it operates
Even with 17 years in the tech news space, Techday still finds that there are a range of things people misunderstand about how we operate.
Story image
Ingram Micro
Ingram Micro NZ sees $74 million revenue growth in 2021
Ingram Micro New Zealand's latest financial report reveals that its revenue from contracts with customers increased by almost $74 million in 2021.
Story image
High level of Customer Identity & Access Management adoption
The study from Okta revealed that the pandemic has either accelerated or highlighted the need for digital-first strategies.
Story image
Home security
Hands-on review: Eufy Wire-Free Dual Cam Video Doorbell 2K
We have had our house secured by Eufy products for over seven months now. We love the brand, and it has never let us down.
Story image
Home Entertainment
Hands-on review: TCL 65″ C835 Mini LED 4K Google TV
We introduce you today to a TV that brings the height of immersion to your viewing experience: The TCL 65″ C835 Mini LED 4K Google TV.
Story image
Nozomi Networks adds nine partners to its MSSP program
OT and IoT security company Nozomi Networks has added nine new members to its MSSP Partner Program, and the list includes CyberCX and Deloitte.
Story image
Privileged Access Management / PAM
The importance of stopping identity sprawl for cybersecurity
The 2021 Data Breach Investigations Report (DBIR) shows that 61% of all breaches involve malicious actors gaining unauthorised, privileged access to data by using a compromised credential. Unfortunately, it is often too late when the misuse of a credential is detected.
Story image
Garmin expands NZ footprint with new Auckland distribution centre
The facility at Goodman’s Highbrook Business Park will be fully operational from October 2022 and features 3,586sqm of warehouse space.
Story image
Hands-on review: Huawei Watch D smart watch
The Huawei Watch D is the latest flagship smart watch from the Chinese tech giant, and it's further proof that the company is more than capable of competing with the likes of Samsung and Apple in the highly competitive wearable market.
Story image
Hybrid Cloud
The essential guide to digital transformation by SolarWinds
Digital transformation is a buzzword thrown around all the time by companies, but what does it actually mean and why is it important? SolarWinds breaks it down.
Story image
New Zealand cloud provider challenges Google's claims on data control for region
A Wellington cloud services provider says Google's claim it will offer New Zealanders complete control over their own data is not true.
Story image
Why printing security plays a vital part in keeping Aotearoa safe
While internet printing, mobile printing and other similar technologies have no doubt made things easier to manage, it has also brought a whole new set of problems to the table.
Story image
Microsoft announces Pax8 as indirect CSP distributor in A/NZ
Microsoft has recently announced Pax8 as a Cloud Solution Provider (CSP) indirect distributor in the A/NZ region.