Exclusive: Simplify security operations

International Security Journal speaks exclusively with Tom Bradley, Technical Director of SureView.

For organisations of any size, one of the most important security requirements in this day and age is flexibility. Users no longer want to be restricted in either the technology they use or how they use it. With a rapidly evolving threat landscape to navigate and numerous compliancy regulations to adhere to, it is vital for organisations to experience the utmost flexibility in their security systems.

SureView is certainly helping its customers to modernise their security programs with its suite of SaaS solutions, simplifying and improving the management of security operations. International Security Journal sat down with the company’s Technical Director, Tom Bradley to learn more about SureView’s technology and find out why cloud-based solutions are proving so popular.

After the alert

Headquartered in Florida, USA, SureView has been providing state-of-the-art software solutions since 2001. Perhaps slightly unusually, the company focuses exclusively on solutions for security operations and responding teams.

Bradley explains why the firm took that decision: “Customers in our industry are able to choose from a very wide variety of systems and devices that can trigger alarms and alerts, the options grow all the time and customers can buy best-of-breed rather than be tied to any particular manufacturer. These alarms can be triggered by very sophisticated AI-driven analytics or simple I/O signals.

“Regardless of how they are generated, what we have found is that the majority of manufacturers are focused on programming their systems to better detect and notify teams of these alerts and they do it with increasing sophistication and accuracy. What is commonly overlooked is what teams should do after they receive these alerts, how do teams quickly and consistently respond to these events?

“We have spent 20 years working with teams who run command centres to find ways to improve the efficiency of their response. Naturally, this involves integration with a wide variety of systems. We help SOCs receive the many alarms and capture real-time situational awareness, enabling them to build action plans and processes. One recent real-world example was a global technology company that used our platform and was able to decrease response time by 92% even as their alarms increased sixfold, all without increasing operational costs or the need for additional manpower.”

Bradley goes on to dispel the myth that most security command centres are the same: “Most security command centres have a number of things in common: they have operators who respond to alarms and coordinate the team response, each operator has multiple screens to access different systems and there are often large video screens at the front of the room to display key situational data.

“Yet, behind the desks and monitors, organisations differ. Security teams have different operational challenges. For example, critical infrastructure providers have regulatory compliance requirements, global corporations have to protect large mobile workforces as well as their brand and campus environments have an obligation to protect not only their employees but the public who visit their locations; the list goes on. The size of the organisation introduces challenging operational dynamics because these teams often need to protect people and assets, multiple offices or locations across the globe through multiple SOCs.

“What is common across all of these different scenarios is that security operation teams need the flexibility to create or adapt their own simple workflows to respond quickly to whatever events are important to them.”

Coping with accelerated change

It has been a hugely successful period for SureView, with the company making it easy for its customers to respond to the accelerated change they are facing. Bradley details how the provider has accomplished this: “First, we created a suite of modules enabling our applications to be delivered as a hosted SaaS. This allows customers to start quickly and try a new service without the cost or complexity of deploying a new enterprise application. More broadly, it allows us to build a range of innovative services that leverage the power of the Cloud. As it’s a hosted service, customers can trial our software free for 30 days and most can be operational within a week.

“Secondly, we have expanded the security operations suite adding modules to connect other security teams and mobile staff closely with the SOC. The core objective of our software has always been on building a robust, real-time, alarm management interface. As part of our security operations suite, we added our Field Operations module, which instantly and easily connects field teams with the SOC. Using a familiar map driven interface, operators in the SOC can instantly see the real-time location and status information of their mobile team and critical assets. Field staff using our mobile app can send and receive notifications of important incidents and status changes and share video, photos and notes back and forth with Operations.”

He also highlights SureView’s most recent release, Cases: “Our most recent development is our Cases module. It’s a flexible investigations and records management platform designed with an open software architecture that makes it uniquely adaptable to any organisation.

“We found that the communication between teams that respond to alarms in the SOC and those that investigated them later was very disconnected. We felt that we were uniquely positioned, with the auditing capabilities of our response interface, to easily share everything that was seen, said and done with investigating teams.”

He continued: “So, in collaboration with some key customers, we developed Cases. It’s designed specifically for security operations, with the flexibility to fit any workflow. Teams can build and manage their own record templates, fields, workflows, reports and dashboards right from the interface. Cases automates time-consuming tasks around reporting, auditing and compliance, with the flexibility to meet the needs of any risk department.”

Quick and consistent response

More and more organisations are now turning towards cloud-based solutions, such as SureView’s, to enhance their security offering. Bradley believes that this is down to the speed and convenience that this type of technology can provide: “SaaS solutions like ours allow teams to be up and running very quickly without the need for additional IT infrastructure or long-term capital commitments.

“A lot of our recent clients are organisations that are experiencing rapid growth and change all at once. They can be large or small, but what they have in common is the volume of alarms, the amount of information inbound to these teams is overwhelming. They are protecting more locations, people and assets, often spread across the globe and what they need are simple and flexible ways to respond quickly and consistently to these diverse situations.

“They don’t have the time to embark on large complex and costly projects. They are also looking for the independence and flexibility to configure their applications to adapt to all of this change, critically they don’t want to engage constantly with IT or other teams to make common updates to their workflow.”

Following a period of such fantastic success, Bradley is looking forward to what lies ahead: “We are focused on expanding the applications we offer in our security operations suite. The Cloud provides us an array of new services we can leverage to continue to improve and simplify the workflows of security.

“There is obviously a lot of innovation happening in AI and machine learning that has the promise of further automating many routine tasks. We are also developing new reporting and dashboard tools to help customers identify trends and key activities in a sea of data. Ultimately, our focus continues to remain on providing tools that simplify security operations and speed-up response.”

The cutting-edge solutions offered by Tom Bradley and his team will undoubtedly be in ever greater demand over the months and years to come. To find out more about the benefits that SureView can bring to your organisation, go to: sureviewsystems.com

This article was originally published in the April 2022 edition of International Security Journal. Pick up your FREE digital edition here.