Download our in-depth report: The Ultimate Guide to IT Security Vendors
There are a lot of different cybersecurity vendors and technologies that organizations can choose from. Helping enterprises pick the best vendors and implement solid best practices is where Tom Parker and Accenture are looking to help.
Parker is the Managing Director of Accenture Security and helps organizations with threat hunting and cyber-incident resiliency. In a video interview, Parker explained what organizations need to think about as they decide where to invest their security budget.
"Our clients are looking for Accenture to help them understand where they will get the best bang for their buck," Parker said.
So how does the Accenture process work?https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Parker said it begins with understanding an organization's existing cybersecurity investments. It's also important to understand how technology is being used within a company to help protect against risk.
"A lot of technology gets acquired and then is not leveraged," Parker said. "So a lot of the time it's about having organizations understanding the value of what they have already invested in."
Parker also suggested that organizations integrate threat intelligence into their cybersecurity operations to help further inform defensive efforts. In his view, a perimeter security device like a firewall might not be operating at its full potential without the use of threat intelligence.
Security policy and configuration management are a large part of getting security right.
"Many of the security problems stem from non-security investments," Parker said. "We're talking about patch management, asset management, which are functions that typically exist outside of security organizations."
When there is justification for a new investment in technology, Parker said his team will make that suggestion. He said he's often asked by companies if they are spending enough on cybersecurity, which really isn't the right question.
"It's easy for us in this industry to say, sure you need more budget and give us more money, but the reality is the conversation you want to have is not about how much money you have to spend, but how to spend smart money on the problem," Parker said.
Related coverage: See Gartner's 10 recommended security projects for 2018.
Watch the full video interview with Tom Parker below:
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.