At Sumo Logic Illuminate, Enterprise Times talked with Dave Frampton, Director of Cloud Solutions, Sumo Logic. In the press conference the day before the podcast, Frampton had talked about context, cloud-based SIEM and SOC-less solutions. ET asked what this meant for customers. Frampton said: “As with modern applications, SOC-less was about cloud native. It was about moving away from traditional tools that are siloed and adopting technologies that were better suited for securing the cloud.”
Frampton also talked about the make up of security teams going forward. This is not about replacing internal teams with those from a MSSP. While Frampton sees a range of different security models he does see the dominant model as involving the security teams inside enterprises.
He said: “You’ll need context from within your own enterprise. The cloud provider is handling the security for the underlying infrastructure. You’re really worried about what is sitting on top of it. You know what that is, you know how to interpret what’s in the logs.”
That leaves open the question of who will make up that team. Frampton said: “You’re typically talking about a DevOps person, an Apps person, an IT Ops Person and a security person from the company whose assets are hosted in the cloud.” These people do not need to sit together or even be in the same location, state or country. The key is to evolve the security team to understand what is important for the enterprise.
To hear what else Frampton had to say, listen to the podcast
Where can I get it?
obtain it, for Android devices from play.google.com/music/podcasts
use the Enterprise Times page on Stitcher
listen to the Enterprise Times channel on Soundcloud
listen to the podcast (below) or download the podcast to your local device and then listen there