Chris Burtenshaw, Strata Security On cloud and IT complexity and keeping off the front page

Times may change, but standards must remain. Or, rather, technologies may change but user behaviour remains. Shadow IT has been in place at many organisations long before the launch of the smartphone, and attempts to take control of it, from the clunkily-named bring your own PC (BYO PC), to the more streamlined BYOD, have been just as common.Now, instead of just shadow IT, we have shadow cloud, as well as what Zscaler recently described as ‘shadow IoT’. It’s all about complexity, and for security managers, keeping an ever-increasing circle of sharks at bay.Chris Burtenshaw (left) is founder of Strata Security, a company which aims to provide ‘joined up’ cybersecurity, removing the silos and giving easy-to-digest insight across an entire estate. With the better part of two decades’ experience as a cybersecurity consultant, Burtenshaw kept seeing the same requests from his clients. His response was to build out a scalable solution – and thus Strata was born.What typically would happen is, towards the end of an implementation for a very expensive monitoring tool – maybe it was a multi-million pound project – somebody would pop up and say ‘how do we show this is delivering value?’ Burtenshaw tells CloudTech. “The tools themselves aren’t necessarily the best place to show the context of the tool.So what I ended up doing was building one-off snapshots, usually in Excel, that allowed them to see what their tools were doing, how those tools were performing, and how they worked with a real customer cybersecurity strategy.”It is safe to say the company’s main product, Strata Insight, is a little more sophisticated than an Excel sheet. As the company puts it, Strata ‘creates metrics that correlate to security control frameworks… granting a new level of mastery over such controls. In this way, [it] helps reveal hidden risks, gaps and imbalances.’ To give a basic example, imagine you have one or more anti-malware tools, and want to know if they are up-to-date across all your systems. Strata brings that coverage data together, enabling you to quickly spot gaps plus track performance against controls.The question of why such a solution is needed raises itself. Complexity is one thing, but should the security vendors themselves have a bigger part to play? “What generally happens is there is a disjoint which comes in during the sales to implementation to delivery process,��� explains Burtenshaw. “A product is typically bought to solve a specific, identified need, and often that can be a technology-driven process that’s led to the selection of that particular product.

Spotlight

Relying solely on cloud provider security tools or piecemeal security technologies leaves your organization vulnerable to unseen risks and drives up cost. The ephemeral and complex nature of cloud risk demands a holistic, automated approach to security. This white paper explains how CNAPP solutions can help you secure and reduce


Other News

Dom Nicastro | April 03, 2020

Read More

Dom Nicastro | April 03, 2020

Read More

Dom Nicastro | April 03, 2020

Read More

Dom Nicastro | April 03, 2020

Read More

Spotlight

Relying solely on cloud provider security tools or piecemeal security technologies leaves your organization vulnerable to unseen risks and drives up cost. The ephemeral and complex nature of cloud risk demands a holistic, automated approach to security. This white paper explains how CNAPP solutions can help you secure and reduce

Resources