Have you ever floated down a river on a tube or in a boat—just drifting along on a sunny day, enjoying clear skies, fresh air, and the beauty of nature around you? It’s very peaceful. Now, have you ever tried to go against the flow and go upstream? There is nothing peaceful about it. Even if you succeed in paddling upstream, it is unlikely that either the experience or the result is worth the effort invested. When it comes to cybersecurity, though, many organizations are doing just that—trying to swim upstream.
Doing Things the Hard Way
I used to do things the hard way. I liked to build my own PCs back in the day. It was fun and interesting to me, and I rationalized that I could build a PC cheaper than buying one with comparable specs.
I would buy the supplies necessary and then put it all together. There were always challenges to get everything installed properly and working together—especially back in the days of setting IRQ and DMA settings with physical jumper switches on the motherboard. Once it was complete and up and running, there would often be issues with incompatibilities between hardware components, or driver updates, and fine tuning to try and optimize performance. Unfortunately, the burden was completely on me to resolve any issues because each of the component vendors would just point fingers and blame a different component.
One day, I switched things up and just bought a PC off-the-shelf. Experts in PC engineering and manufacturing had worked everything out and put it together for me, so all I had to do was turn it on. Compatibility, configuration, and optimization were all challenges for the PC vendor to resolve. When I ran into any issues, I had one vendor to contact for support, and they had nobody to point fingers at because they were responsible for the whole PC.
I said earlier that building my own PC was cheaper than buying one off the shelf—at least on paper. Ultimately, when you consider the time and effort on my part to build, configure, optimize, and troubleshoot my homemade PC, it wasn’t actually cheaper. On the contrary, it was more expensive.
Cybersecurity that Goes with the Flow
Many organizations handle cybersecurity much the same way I used to build PCs. They don’t really have the knowledge or experience necessary to implement and manage cybersecurity effectively, but they know enough to muddle through. They research options to the best of their ability and buy the security tools and platforms that seem to make sense—firewalls, endpoint protection, log management, intrusion detection, and more. Once it’s all in place, they are responsible for managing and optimizing protection, and for identifying and responding to security incidents.
This do-it-yourself approach generally ends up costing more money and requiring more time and effort for cybersecurity that keeps CISOs and IT managers up at night—worried that cyber attacks will compromise their network or data.
Just like I discovered it was both better and less expensive to buy a PC engineered and built by people who know what they’re doing, the alternative for cybersecurity is to work with a company like Alert Logic that provides the protection you need, the intelligence to identify emerging threats, and the experts to monitor the network 24/7 to detect and respond to security incidents while saving you money at the same time.
The moral of the story is that it doesn’t make sense to “swim upstream” and try to do things the hard way when you can let professionals do it for you—providing both cost savings and peace of mind at the same time.