Tips and Tactics for Strategic Tooling

Note: This is an auto-generated transcript, which may contain errors.

Shaun: Hello and welcome to Splunk Perspectives, a podcast providing executive takes on security and technology topics by leaders for leaders. Today, I'm excited to be joined by Suid from Rivera, my colleague here James from Splunk. And today we're gonna be talking about how data driven organizations are outperforming their partners that are not so data driven and then also how the economic climate is making significant changes and making organizations think very differently about how they invest in tooling and consolidate their tooling across their organizations.

So Suid over to you, I'd like to maybe if you can just talk a little bit about your role, your organization and the types of customers and challenges that they are facing.

Suid: Thank you very much. Uh Thanks for having me on the show. My name is Suid Adeyanju. I'm the founder CEO uh of River Safe. Uh We're a specialist uh cyber security consulting organization. And we've been going on for about 13 years. Um We service customers in the large enterprise sector. Um And yeah, um we're, you know, we're, we're a big, strong partner.

Great.

James: So, so over the years, there have been many attempts to, to look at kind of the data problems solving kind of the different formats, the growing kind of areas. But ultimately, it comes down to it's just data at the end of the day. Um There's no point having the data without doing the analysis, you know, what are you seeing in the market and gonna uh send to analysis and getting value out of it?

Suid: Um Interesting question. We we there's been a data explosion for many years now. We've seen many organizations uh having data sources coming from different uh data are coming from different sources. Um There's no point in having this data without actually exploiting it. Um Organizations have been able to actually get insight uh from the data they collect have been able to make better decisions. So um being able to have a unified platform to have this data analyzed and leverage properly is absolutely essential and critical for organizations that are going to be making the decisions of the future.

That that's and that's what we're seeing in the market. Uh The ability to use a unified platform to do uh their decision making.

James: I'm going slightly off piece here, but you run a successful business doing consulting. Have you found when you look at security dev ops no matter what it was having that common platform that helps in the training burden of kind of skills, a common language to work because at the end of the day I have the view, an incident is just an incident, I need different people with different thought prices to be able to have a common language to go and work together.

Suid: Absolutely. I think being able to have a common tool across different business units is, you know, it just helps significantly from a cost perspective. Uh And if you look at like, like you rightly said there from a skillset perspective, having to train people in different tools uh uh takes time, effort and effort as well. So being able to uh use the same skill set across, you know, multiple business units and having like a center of excellence to manage uh this tool here to serve this, these business units and their use cases is absolutely essential.

Shaun: And uh makes a business sense uh ultimately, uh in terms of operational efficiency, in terms of reducing cost, uh it's absolutely essential. It absolutely makes sense from a business perspective. But from a technical implementation point of view, it's, it's very difficult to do this, right. So we often see organizations struggling with silos of data across various divisions or departments within an organization. Can you maybe share some examples of the types of use cases that you've seen some success stories, maybe of, of some of your customers where they've decided to bring some of them data sets together.

Suid: Yeah. So there, there are a number of large organizations that we work with where uh especially uh when it comes to uh evaluating tools for their specific requirements. Um they, they, what we see is that these units go out into the market and try and evaluate different tool sets to service different use cases that they have. Um But what we've been trying to do is have conversations with, with them because sometimes we have the, we have a particular tool set put in a, a business user for, for example, in a security cyber security function. Uh And they're using that to actually ah provide monitoring capabilities and alerting capabilities within that, within that uh cyber security department. However, some of this, the data that they have that they're using in for that within that, that unit uh is required by say, for example, the it operations team uh and they are having to then take data from them into their environment in order to actually, you know, start to analyze that and use that for their own purposes or we still collected again. Exactly. So basically duplicating data. So the the the ability for them to, you know, have it in one centralized location uh has been, you know, very useful for them and helps them in whats saving cost as we said earlier on and, and uh the standardizing skill set across uh the business.

James: So I'm gonna dig into this a bit. But um more, but I'd like to, you to think about it in the perspective of a business owner. So we've done some, a lot of research over the years and some of the Splunk research has shown that 80% of the data is shared across security and kind of it monitoring observable kind of anything to do with digital operations. What have you kind of seen in the marketplace of the convergence of it teams, security teams kind of reusing that data and what's maybe some of the barriers you've seen?

Suid: Yeah, it's, it's uh it's quite interesting that question because if you look at the advent of DevOps and DevSecOps, you can see the, the, you know, amalgamation of the DEV development teams and the operations teams and the security teams. Uh and with each of these teams previously, they used different tool sets, right? Uh And as people, you know, as organizations go on the digital transformation journey, they are coming to a point where they have need to have visibility across all of these various teams. So being able to, you know, uh uh standardize uh on uh a particular set of tool sets to use in delivering their, their, their requirement. It's just, it's just golden, it's uh it's what we're seeing in the market. We're seeing a lot of organizations merger, their teams consolidating their tool sets and uh looking at their requirements holistically, uh not just the development in having their own specific requirement and security, having their own specific requirement as well as it operations. But looking at the requirement from a uh a top level and understanding how that can be serviced uh from a unified plug.

James: So Riversafe started as a kind of more security focused company. Then you kind of brought a bit DEV ops specific DEV ops, really digital transformation, digital resilience kind of tool consolidation organization. Do you think it's always hard to describe it?

Suid: Yeah. So it's interesting because we, we pride ourselves on accelerating in terms of value for customers. OK. So when we go into an organization, what we're trying to do is understand exactly what their requirements are there and how we can service that requirement perhaps with the toolset that they already have within the environment. OK. So we're not going in there and trying to sell them new tools, but understand what they have what their requirements are and how they can get better value from what they have. And what we've seen is that we usually go into large organizations, they have, you know, a number of tools, but one or two of those tools can actually do a number of the use cases they already have. So it's about driving much more value uh from what they have in existence. So to answer your question specifically, yes, we, we started off as a cyber security consulting company. But as we get involved in, you know, we need monitoring capability, for example, in uh in the cloud for this project that we're doing. We, we started looking at how we can help our customers to, to put that capability in place. And uh that's helped us to that then move to the DevSecOps space. And ultimately realizing that just doing DevSecOps needs the engineering team, right? And if you want to get the engineer team on board, you need to be able to speak their language. So um having a, you know, uh uh a skill set and the capability to, to talk their language from an engineering perspective allows us to then also help them integrate security into what they are doing. And that's kind of how we can work as an organization to be able to cover all these uh various facets.

Shaun: Such a great journey. So let's maybe dive into this tool consolidation for a second because it's, it's a great idea, right? The idea if you can make uh consolidated tool decisions at a much more senior level than everybody can use the same tools, wonderful. But realistically, it's, it's difficult because that means that you're taking away the ability of maybe your it operations manager to make decisions about their security tooling and their dev ops people to remove some of their autonomy. Maybe. So how do you go about or how have you seen customers uh making that leap as it were to a much more strategic view on their tools?

Suid: Frankly, a lot of the customers that we're working with. We're seeing that this initiative is coming down from the board. And it's coming now from the finance team. Uh there's an, there's an incentive, especially in this economic climate. Uh There's, there's a drive to lower the costs. And as this is coming down uh to the teams, it's, it's, you know, it's becoming a bit easier to have a conversation with them around. Why are you looking at buying another tool? You've got this specific tool which is providing this capability within this other department, for example, in the IT operations department, why don't you extend that to give you, you know, to help service your use cases in the security department or in the devops teams. So although the politics involved is not as easy as, you know, I've just described it, but, you know, when there is a drive, a cost drive coming down from senior management, it's, sometimes an easier conversation to have with the, the, the, the management team.

Shaun: There's almost a forcing function to, to get departments to talk to one another.

Suid: Absolutely. Yeah, absolutely. Um, you know, you, you, they're being told to reduce cost and if you're helping them to achieve that objective, then, yeah, they tend to listen to you.

James: Yeah, it's part of like reducing costs quite often, what we see is taking offline processes or processes that part digitize maybe move that to the cloud. Um Look at that digital journey. That's a complicated thing because you have to understand your process about. Do you still like your process? Do you want to revamp your process? What technology gonna bring? What risk is gonna bring change management, all of those different types of things. What advice would you give to people that are, are thinking about or preparing for some of those digitization changes? Difficult word to say.

Suid: A number of things that we, we always uh kind of recommend to um our clients when they're going on that journey. Clearly. Um The key thing is you want to make sure that you're putting security at the heart of what you're doing. Um especially when you're creating a platform that is being shared across different business units. You want to make sure that the right level of controls are put in place so that um the different departments have access to the right data. So it's like least privileged kind of principles and just make sure that they're not, you know, you're not giving them access to everything, they don't really need to, to have access to it. So we, we, we we tend to kind of um talk to them about that. The other thing about it is, is about looking about looking at hybrid solutions. So looking at software vendors or solutions that have the capability to provide on prem and, and, and cloud uh capability. Because at the end of the day, especially with large legacy organizations, they still have, you know, a lot of legacy applications they have, you know, um uh old kit sat somewhere in the data center which nobody wants to touch. Right. So it's absolutely essential that you're still able to, you know, provide the, either whether it's security or whether it's observable around those tool sets. Whilst you're looking at your plan to migrate into the cloud. So having a solution that can help you, you know, uh bridge that gap uh and give you visibility across your on prem and cloud is also absolutely essential. And I, I think it's important about when it comes to consolidation is understanding the use cases for each of the business units that you have within the organization. How do you then understand what data sources drive those use cases and how you actually, you know, uh decide to kind of bring those data sources, the data info you need together in order to service the requirement that you're looking for. So those are the kind of, you know, just a few points that uh not much.

Sean: Wonderful. Well, thank you. That's, that's been really interesting. I've enjoyed this conversation very much so. So, thank you very much for joining us here today. Uh Thank you very much for listening today. This has been Splunk Perspectives. I'm Sean Cooney. Thank you for listening.