From new extortion schemes, outside threats and rising cyber attacks, the art of securing the customer has seldom been so complex or challenging.
Security, or a distinct lack of, continues to break the world’s most iconic organisations - think Target, Sony or Home Depot - with attacks now reaching New Zealand with aggression and pursue.
Since January, the Inland Revenue, Z Energy and Vector have fallen victim to media headlines and public scrutiny, not to mention a government minister impersonated via social media.
But despite the market shift, one technology provider has been navigating the stormy waters of security for more than three decades in the Kiwi market.
“We believe a successful security technology provider is one who can be responsive to the ever-changing IT security risks,” said Ashton Jones, general manager of SSS IT Security Specialists, when speaking to Reseller News.
“They provide a wide set of effective solutions to allow for proactive monitoring and protection against sophisticated cyber attacks.”
Offering more than “just the tools”, Jones said an expert partner also provides the consultancy service and support required to help customers understand gaps and requirements.
“We are developing our already established capabilities in identity management and security operations to offer a wider set of services to our customers,” he added.
“We have several sectors in New Zealand that we are expanding into and a big push into Australia, particularly in finance.”
With a “complete focus” on security, SSS has been servicing government and corporate customers in New Zealand and across the world for more than 30 years, providing expertise across consulting, solutions and ongoing services.
Key offerings span business continuity, cloud and security, with in-depth skills across data, encryption and enablement, alongside endpoint and mobile offerings.
All up, the Wellington-based business provides end-to-end capabilities across security, backed up by software development and consulting services.
“We have a complete focus on IT security and do everything possible to ensure that we do what is right for our customers,” Jones added. “We can work with customers at every step of their IT security journey regardless of where they are at.
“Whether they are looking for risk management, gap analysis, certification, assessment, incident review and response, IT security tools or training - we can provide it.
“We do not simply provide a one-size-fits all solution, but instead we work with our customers to provide the solutions they will get the best value from and be in the best possible position to protect themselves.”
Specific to technology, SSS leverages vendor partnerships with Sophos, Entrust and Venafi, as well as Alien Vault, Gemalto and Palo Alto Networks among others.
“We are constantly evaluating and reviewing threats and the technologies coming to the market to ensure that we are as responsive as possible to help best protect our customers,” Jones added. “We look at the threats our customers face on a day-to-day basis and investigate ways in which we can best help mitigate these.”
Despite 95 per cent of CIOs expecting cyber threats to increase over the next three years, only 65 per cent of organisations currently have a cyber security expert, paving the way for third-party providers to capitalise.
That’s according to Gartner findings, which reveals that skills challenges continue to plague organisations that undergo digitalisation, with digital security staffing shortages considered a top inhibitor to innovation.
“A large focus for us is to work with our customers to understand their risk profile, current maturity and recommend solutions that are going to best protect them based on these findings as well as their budget,” Jones added.
While technology plays “an important part” of any customer strategy, Jones advised that an effective defence against cyber security threats starts with understanding business risks.
“This is followed by user education because users are the weakest link and the best protection,” he cautioned.
Within the context of security, Jones said investments continue to increase across emerging technologies, spanning cloud, digital transformation, DevOps and container solutions, alongside artificial intelligence and automation tools.
“All of these technologies have requirements for IT security and make the overall challenge more difficult,” Jones added. “These are all areas that we are expanding into in terms of services and solutions.”
Citing findings revealed during RSA Conference 2018, Jones said current customer challenges centre around the “method, frequency and sophistication” of targeted attacks that companies of all sizes are exposed to daily.
Going forward, security is projected to account for 40 per cent of customer technology spend, with 60 per cent of this directed towards security operations and incident response.
“Identity is also a growing area and is being touted as the ‘new perimeter’,” Jones said. “Identity isn’t simply about a user, it covers devices, users and applications, and has multiple facets including identity assertion, access and authentication, and governance.”
Closer to home, Jones said New Zealand is currently being “bombarded” by less sophisticated, drive by, type attacks, with the market “slowly” seeing these become more targeted and harder to detect.
“We believe that we will increasingly see New Zealand companies being an entry point to parent or partner companies who represent bigger payoffs or because they represent easier targets to breach,” he added.
When assessing the changing dynamics of the Kiwi channel, Jones said partners continue to face challenges around the “mismatch” of growing demand for security specialists, in contrast to the ongoing shortage of skills across the country.
“We are working towards overcoming these by bringing great people into the country and working with universities to build more awareness around the different areas of IT security that students are not aware of,” Jones added.
“Our key priority is to continue working towards becoming one of the best employers in New Zealand through building a great culture and developing our staff.
“We firmly believe that a focus on staff will result in staff engagement and productivity along with better customer service and increased profitability. Part of this process is hiring great people and over the remaining months of the year we have a number of roles we will be looking to fill.”
According to Jones, at least one of these roles comes in the form of a security intern, with the provider joining forces with Victoria University and the Summer of Tech programme to source the leading candidates.
“SSS will also be extending the number of solutions we offer bringing new tools and services to the market that offer better protection to our customers against increasingly advanced and frequent attacks,” Jones added.
“Vendors can add value by not pushing partners and customers to ‘close deals’ and instead working with us to understand the New Zealand market and add real value to both customers and therefore the partners.
“Vendors should also recognise that different types of partners offer different levels of service. At SSS we are largely self-sufficient, and our good partners trust us to handle the customer relationships and provide us with support when we ask for it.”