The Remote Security Advantage
By Charlie Thomas
When Deepwatch was founded in 2015, we saw many opportunities to do things differently — with unique solutions and service delivery. One thing we noticed and changed was the fact that most MSSPs operate exclusively from physical Security Operations Centers (SOCs). We opened physical Deepwatch SOCs as well (Denver and St. Petersburg), but we engineered the company from day 1 to allow for remote analysts, engineers and threat hunters in support of our customers and SOCs. Our virtual SOC model provides many benefits to our customers — notably, we’re able to recruit and hire the most talented security team members from anywhere in the U.S. This inherent work-from-home (WFH) architecture and mindset behind Deepwatch has provided us with maximum flexibility.
Business and Service Resiliency
As mentioned, Deepwatch was designed and engineered from inception for every employee to work from home. As a result, our business has been architected and operated, from an access, security and compliance perspective, to fully support a remote team. Working from home is an integral part of our business operations — all Deepwatch employees have home offices and are well trained and fully accustomed to working remotely. In addition, our team works on staggered schedules. This unique structure gives our environment, infrastructure, and standard operating procedures the advantage of non-traditional Disaster Recovery and Business Continuity. This delivery model, with distributed personnel and secure remote connectivity, provides inherent business continuity protection for our customers. Given the cloud-native aspect of our platform and technology partners, we also have inherent business continuity in our platform architecture.
Cloud-Native Security Operations
The Security Operations (SecOps) Platform supporting all of Deepwatch’s offerings is built on a cloud-native architecture. Our SecOps Platform in turn provides comprehensive coverage for every aspect of our customers’ security operations by seamlessly integrating industry-leading and Deepwatch proprietary technologies. This allows us to proactively protect our customers with security best practices, eyes on glass 24x7x365, and rapid response to mitigate active threats, knowing that our solution is reliable and can scale to meet demand. This has made us resilient to issues affecting particular geographies, as our virtual workforce, combined with our cloud-native SecOps Platform, allows us to work through external events that would disrupt a normal brick-and-mortar operation.
For organizations looking to become cloud-native, an analysis of the applications, databases, and integrations will be required to understand the level of effort needed to make this transition. Some applications will need to be rewritten from scratch; some third-party applications may not support the new environment, and alternatives will be required. This leads some organizations to perform a lift-and-shift, moving out of their data centers and into the cloud to take advantage of the benefits of cloud infrastructure more quickly. This aspect of digital transformation has important implications for your brand and company assets. Whichever direction an organization takes, key dependencies include understanding the type of data to be stored, the interactions between systems and users, and where security controls need to be implemented. This will allow the organization to optimally manage risk associated with the new environment, meet compliance and regulatory requirements, update policies and procedures, and provide training.
Deepwatch has a stronger ability to attract and retain highly skilled cybersecurity talent than other MDR/MSSPs. By operating physical SOCs, our competitors are limited to the talent that is already present in specific locales, or talent that is willing to relocate. This results in a much narrower talent pool to recruit from and in compromises to fill open positions. Deepwatch’s talent pool is all of the United States. We have analysts who secure our customer networks 24x7x365 from Boston, MA to Honolulu, HI. We have the top talent and have provided them with the work-life balance to be more productive.
Today, MSSPs continue to announce openings of “Cyber Fusion Centers,” new offices, and new physical SOCs. By design, they are unable to attract the top talent, are tied to on-premises systems, and utilize technology that is by design unfit for modern security operations. If you would like to learn more about running a remote security team, please feel free to reach out to us. We are happy to talk you through any challenges you might face.