Headquartered in Massachusetts; EiQ Networks pioneers in simplified information security and compliance solutions and services which is transforming how organizations identify threats, mitigate risks and enable compliance.
Some of the high profile attacks on media institutions and corporations have hogged headlines and generated hearings on Capitol Hill, many of the government and industry regulations, compliance mandates and other enforced attempts to address risks to enterprise systems, and the critical data in them, have essentially become exercises in reporting, diverting IT resources away from defending appropriately against evolving cyber attacks and infrastructure vulnerabilities. As important as they are to industry/government collaboration, these mandates are simply check-the-box practices that fall flat when it comes to true network security protection. While checking the box will help organizations pass an audit test and raise the comfort level of the board, following the regulations does little to truly secure assets once they are under attack.
What is shaping or changing the industry in the next few years on one perspective would be a focus towards an effective way to improve IT security, meet compliance mandates, protect assets and build competitive advantage is to continuously monitor IT infrastructure and have in place the SANS 20 Critical Security Controls, a strategy for proactively identifying the most common security issues. These controls have been in use by government agencies for years and help over worked and underappreciated security teams prioritize their work load on most critical issues by obtaining answers to questions such as “where am I exposed, and how do I fix these problems”. As a framework, SANS Controls are a superb alternative to checkbox: continuous auditing, assessment and monitoring of the environment exposing where potential issues are and how they should be remediated. I believe that these controls will help change the industry as more and more IT security professionals look to SANS 20 Critical Security Controls to solve their most common security issues.
Entrepreneurs face one fundamental challenge at this point in time, particularly on focus and funding. There are no shortage of great ideas but honing down your value proposition (and solution) to meet a target market's "need to have" is a perennially challenge to founders that tend to get too close to their intellectual property to separate the core value from the nice to have extras that may dilute the value proposition and delay potential customer acquisition. Funding that brilliant idea also seems to be a common challenge for entrepreneurs. Should you self fund, attract outside investors or adopt the "Lean Startup" premise of Eric Ries? My vote is option three: find customers willing to buy into your idea and increment the solution to success on a more scalable level by uncovering a "Minimum Viable Product" and delivering value that your customers will pay for.