B2B Tech Talk with Ingram Micro
B2B Tech Talk with Ingram Micro

Episode · 1 month ago

Building a Cybersecurity Center of Excellence

ABOUT THIS EPISODE

The biggest threat that tech companies face when it comes to cybersecurity isn’t virulent new ransomware or zero-day attacks—it’s a lack of expertise and a shortage of qualified talent. 

But Ingram Micro is fighting these challenges by realigning, focusing on integration and building a crucial knowledge base.  

Join Shelby Skrhak for a conversation with Jonathan Silsby , director of Solution Design and Services, and Shawn Mininger , Channel chief information security officer, about Ingram Micro's revolutionary cybersecurity Center of Excellence initiative. 

  • How the Center of Excellence will truly benefit customers
  • De-siloing vital information from subject matter experts
  • The integration and alignment of knowledge to further benefit customers   

To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk 

Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify,Apple Podcasts or Stitcher . Or, tune in on our website .

You're listening to B two B Tech Talk with Ingram Micro, the place to learn about new technology and technological advances before they become mainstream. This episode is sponsored by Ingram Micro Security Strengthen your Security practice. Let's get into it. Welcome to B two B Tech Talk with Ingram Micro. I'm your host Shelby Scare Talk and our guest today our song Manager Channel, Chief Information Security Officer of Ingram Micro, and Jonathan Silsby, Director of Ingram Micro Solution Design and Services. Sean and Jonathan, welcome, Thanks for having us, absolutely, thanks for having us. Excited to be here. Yeah, well we know we're Today we're going to talk about cybersecurity Centers of Excellence. But first off, Sean, before we get into maybe the specifics of what a cybersecurity c o E does high level? What is I mean, what are we talking about when we say a center of excellence? Are there are there different types? Or is this more of an abstract concept, uh, something that's a term but not necessarily a tangible thing. Well, Gardner defines the CEE as a physical or virtual center of knowledge that concentrates expertise and resources. The idea is to make that available those resources available. You know, normally, the idea is, let me give an analogy. If I were to go to New York and I wanted to see the sites those resources are spread out. New York's a big place. How do I access those resources? How do I get to see the sites? Well, that's why you have grand central stations, that center point where I can go to and have access to all the places I want to see. The idea behind the ce OE is it's a central place that we can align all of our physical and virtual resources so that our cybersecurity racists are accessible. So, John, why is a c...

OE important nam as particularly in cybersecurity? But you know, why does the business need one? That's a that's a really great question. So in the industry, right, and by industry I mean technology, right, the biggest threat that we really face today is not the latest ransomware, the latest zero day attack, but it's lack of expertise, right, as Sean likes to say, there's not enough good guys to fight the bad guys, and and our adversaries now are not you know, pimple faced kids eating Cheetos in the basement, right, We're talking about nation states and and globally distributed organized crime, and there's very little respect for laws and borders, and and it's affecting every piece of technology on the planet. So when we look at the landscape from a standpoint of what's going on in the industry, we look at you know, how can Ingram help right? Cybersecurity is hard. We're not talking about something you order on Amazon or it comes the next day and your problems are solved, right. These are We're talking about complex solutions across many different vendors, and our center of excellence is really there to align our strategy and mindset really for like a one Ingram approach where our resources are aligned working towards the same things. We're structuring those resources in one place which will be available to our customers through our Spantage platform, and then really integrate those resources to help navigate those complexities, whether it be solution design, training, pre or post or implementation services, really giving our customers to support they need to deliver the best in class technology solutions. And really it's really a change of mindset. Instead of really focused on on vendors right with parts and skews, we really want to focus on business problems, business outcomes, that's really where the...

...if just coming here. So well, yeah, I mean looking at the solutions instead of well, you know, we offer this part this widget X y Z, and we offered that widget you know ABC. It's it's a matter of of creating, you know, like you said, whole solutions. So, you know, Sean John mentioned the the Garder definition of a center of excellence. But from your standpoint as a c so, like, do you find that they still vary widely in terms of what, you know, what people call their center of excellence? Very much? So I often say that if you ask ten people what a center of excellence means, you're gonna get eleven answers. Uh. And that's uh, that's been the case quite across the industry. You know. The idea, what the CEO is is that how do we take all these these highly skilled individuals, the experts, the subject matter experts who have this knowledge, and how do we make them available? How do we make the resources available? And so you know, the idea is to give our customers access to the right resources in the right way at the right time. So in phase one, we're gonna actually focus on with the c O A pulling all of our current resources together, combining and realigning our existing resources under one vision. You know, I like what John said. We very much agree. We've been kind of um in our industry for a long time saying this, this next product, this next tool is going to solve the problem. And what we really need to do is understand that. You know, Gardner often makes reference to the cybersecurity mesh architecture. Really it really is, it's it's it's it's a concept we've been doing in cyberseperity for a long time. Is layered defense. And layer defense is wonderful, but in layer defense, you can't have those tools working separately. They have to integrate with each other. And that's hard. As John said, that's very hard, especially with the lack of expertise nowadays. So how do we do that? How do we get you all the tools together, help you integrate them, get the resources to and the people. The people is the big thing to actually pull this all together. That's really what the...

...c o E is about. Well, so John, we know that assembling a team of subject matter experts, I mean that's no easy feat and especially for you know, a managed service provider that's listening, they're thinking Okay, I want to be able to provide this center of excellence from my customers, but you know, I just don't have the knowledge or manpower to do this. Going back to the beginning, the biggest threat is the lack of people out there that have these skills to protect against the threats out there. So, John, how does Ingram Micro help? Great question. Really, the whole purpose and the aim of the Center of Excellence is at our customers. Right. We have a lot of resources here at Ingram Micro. We have many technicians across many different technologies. What we sometimes get caught up in, though, is that it's very difficult to find the right resource for what you're trying to do right, And we realize that and recognize that is something that we're trying to solve for and through itsvantage, we've got a unique opportunity to really align those resources in a way that allow our customers, through a single pane of glass, to access them in a way that they want to. Whether that's setting up a call, whether that's sending us an email, whether that's getting somebody on site. We have the resources, we're now aligning them in a way that they can be accessed. Really looking at you know, seamless navigation so that people can understand business operations, insights, events, products, vendors services all in one place where it's historically it's been in different places. And I think that's really the key here, is that we're really trying to provide a way for our customers to access all of our resources in a way that they need them. And I think it's important that what John said, it's also in the way that they need them. So let me give you an example about this. If I'm trying to develop or I'm trying to decide, you know, how I'm going to build out my security area, you need advice, you need deep levels of expertise. We want to get...

...you in touch with the right people. On the other hand, if you're checking the older status, hey has this been dropped off? Has it been ships? You don't want to call and set up a meeting for that. You want to be able to log in and and have access to it immediately. That's the type of platform we're talking about. When I said earlier, DADDA is getting you the right information the right day, to the right people at the right time. And I think that's important to understand that the platform is integrating all of those basic use cases. Yeah, I will add, you know, we're really trying to align into a one Ingram approach and structure those resources in a way where it's easy for the customer. Right. It's really we said many times on this on this podcast already, the security is hard, right. And it's not just hard because you know that bad actors are more difficult, but it's also hard because there's a thousand vendors and those vendors are specialized in doing different things, and each of our customers generally has a unique set of vendors that they go to market with, and we're really here to help them build out those stacks of vendors that they're using, develop, build out and enhance. And that is really you know, the crust of the of the center of excellence well being able to basically cut through all of the confusion that there might be and and create more you know, easy paths these solutions. Also, John, your director of ingram Micro's Solution Design and Services, tell us about the SDNs and what it does. Sure, sure so o. Our Solution Design and Services department is what some people have known historically as pre sales tech support. Right, So we have over two hundred and forty resources that are technical resources that our technology aligned that our customers can use to help them. Historically, we're taking somewhere in the range of three hundred to four hundred thousand calls a year. Right. We can help...

...you build out a data center through a solution approach. We can help you understand different technologies that you're looking for. We can help you compare and contrast different technologies. If you're looking for a specific business outcome and you'd like to see a couple of different options, we can do that as well. Our customers have access through an interactive menu because we have some email addresses, we have some phone numbers. We're starting to do things like bookings, which allows our customers to actually schedule time with our team directly. UH. And then we also have a proactive arm of technicians that are really focused on helping our partners grow their business in those specific technology areas right where they're working around let's say Cisco Security specifically with a customer to help enhance and develop a practice. Also, Sean, how does the SDNs I guess vary from another demonstipble UH knowledge source, which is the business transformations that are well, they actually work hand in hand, so the etc. The Business Transformation Center. The idea of that is it used to demonstrate industry solutions, kind of target common use cases you know like IoT or or you know some some storage or data center. And the ina is it pulls. It talks about the bigger picture, and that's awesome. We have to understand what we're trying to build, but at some point I need to figure out how to get there. I need to actually understand. Okay, now that I know what I want to build, how do I actually put the pieces together? What pieces do I need to put together? I like to give this analogy. If you want to build a house, you hire an architect, and architect builds these blueprints and and and helps build this design and now you have an understanding, Okay, this is what I want to build, this is what it's gonna look like. But at some point in time you also have to figure out what materials do I need and what am I actually gonna order? You know, what kind of would, what kind of anything, tile, whatever. The BTC is basically like the architect saying this is what we're wanting to build out and the STNS is saying, Okay, now let's put the pieces together, figure...

...out what I actually need. What model of firewall do I need? Those type of things, the details that we actually need to get to this. So they work cane in hand with each other. That makes sense. Well, as we do start to wrap up our episode today, and we always ask our guests the same final question, and that's where do you see technology going in the next year? So you know, within this cybersecurity space, centers of excellence, uh, you know, the knowledge base, where are we going to be in shot? I'll start with you. Well, you know, John and I talked about this a lot um. You know, really the lack of expertise really is a big problem in our industry. The issues that we're dealing with are not getting any easier, They're only getting more complex. The world is not getting safer. Cybersecurity is only going to get more it's only going to be more dangerous, and so we have to figure out how do we pull our resources together. That's one of the things that Center of Excellence does. The other thing is is that just in general is a market. What you're gonna see is is in recognizing we can't get away from the idea of layered defense where we have to have this mesh. We're going to start seeing a pattern or more of the idea of better integration. And that's already happening with a p I s. But it's not just the APIs to allow them to integrate. It's actually some consolidated dashboards and policy management that allows you to pull all of these together to actually manage them. So we don't have to have expertise that has to know twenty different security controls. We can actually train people and work with people and build skills that can actually integrate all of them. John, how about you. I'll peeback on that a little bit, but at a much higher level because Sean is by fire more of an expert than I am in the technology standpoint. But all technologies continue to converge, right and so historically twenty years ago, ten years ago, even five years ago, it was okay to have very very specific experts for very very specific things. But now we're looking at everything is a service, We're looking at hybrid cloud models, looking at IoT and security across that...

...entire landscape. And as that happens, we really need to, you know, have generalists as well, who can really solve the unique problems that this industry faces. And the reason why I think the Center of excels is important is to Shaun's point, it helps us pull those resources together for our customers to be able to utilize, so they don't have to go out and hire tons of new people to solve these problems. I also think that, um, you know, one of the things that were historically oftentimes in our industry, we've looked at things in silos. You know, you have people who are you know, have expertise and cybersecurity, and people that have expertise and data center and storage and cloud. Well, I don't believe you can actually separate any of those. These technologies are all integrated, not just the cyberstitruty technology the security controls themselves, but all of the technologies. You can no longer talk about cloud without talking about cyber cent you can't talk about data center without talking about cybersecurity, um. And so all of these things have to be dealt with together, and we have to figure out how we can pull that expertise together. And so honestly, the vision for us in the future with Cybersecurity Center of Excellence is actually to partner with our other set of excellence around data center and cloud to make sure that that our customers they have a complete solution. And as I said earlier, I always I always tell my engineers listen to the customer and find out what is the outcome that they're seeking and work your way back from that. We need to actually focus on actually solving the problem. And if we we focus on that, we're going to sell plenty of product. We're gonna We're gonna do fine, but we're gonna actually end up with happier customers and a better solution along one John, for listeners who maybe have questions about something that we talked about today or wanted to find out more, how can they reach out? Uh, there's a couple of ways. So obviously you can reach out to Shaun or myself directly, we're leading the charge here on the Cybersecurity Center of Excellence. But also you know, I am ones coming up if you're listening to this after, I...

...am one look out in Axvantage for what's going on around cybersecurity and Expantage because the c OE will definitely be you know, front and center in our Expantage platform moving forward. Well, Sean and John. I appreciate your your time and insight. Thank you so much for joining me, Thanks for having us, Thanks for having us, and thank you listeners for tuning in and subscribing to B two B Tech Talk with Ingram Micro. If you liked this episode or have a question, please join the discussion on Twitter with the hashtag B two B tech Talk. Until next time, I'm Shelby scare Hawk. You've been listening to B two B Tech Talk with Ingram Micro. This episode was sponsored by Ingram micro Security. B two B Tech Talk is a joint production by Sweet Fish Media and Ingram Micro. Ingram Micro production handled by Laura Burton and Christine Fan. To not miss an episode, subscribe today in your favorite podcast platform,.

In-Stream Audio Search

NEW

Search across all episodes within this podcast

Episodes (482)