Cybersecurity News that Matters

Cybersecurity News that Matters

Opinion: Breaking data silos between observability and security empowers organizations

by The Readable

Dec. 12, 2023
2:58 PM GMT+9

By Ajay Khanna, CMO of Mezmo

In recent years, many organizations have struggled to manage the increasing volume of data in their systems, particularly for observability and security teams. According to an ESG report,  organizations capture hundreds of terabytes (32%) and even petabytes (6%) of data per month. This deluge of data presents dual challenges.

First, this data gets locked within certain organizational systems, hampering the wider visibility and actionability necessary for informed decision-making and robust security practices. Second, as revealed in the same report, most organizations (69%) said they don’t gather all desired data sources because processing and storing this amount of data is costly. This is a problem if there’s an incident and the organization has incomplete data for a comprehensive analysis and quick response.

Telemetry data, including metrics, events, logs, and traces, comprise a majority of the application data volume. This data can enable observability teams to understand application performance and helps security teams improve detection and response efforts. However, without effective data management strategies, both teams struggle to extract timely, actionable insights. To address this issue, organizations need to manage data as an enterprise asset and bridge the gap between observability and security data silos.

Advantages of treating data as an enterprise asset

By ensuring that ITOps, SREs, and security teams have access to the right, timely data, organizations can adopt a comprehensive approach to delivering software that instills trust in users and businesses. This enables them to shore up data governance, elevate the value of their collected data, and fortify their security and compliance practices.

Additionally, the separation of the data layer from analytics enables the flow of the right data for the job without duplication of data or misaligned sources of information. It streamlines data processing and supports efficient distribution so data will reach teams with more context to drive action. This approach breaks data silos and improves team communication and collaboration as they adopt better data management practices to ingest and process telemetry data. As a result, developers can quickly and effectively find errors in their workflows that require attention, and security teams can gain real-time visibility into their systems, enabling them to identify and mitigate potential threats before they escalate. This shift from reactive data processing to a managed and proactive approach to data management is crucial in today’s rapidly evolving threat landscape.

Challenges of enterprise data management

Many organizations have inadvertently confined data within certain systems and departmental silos, limiting access to specific teams. This barrier impedes collaboration and hampers data analysis. It’s important to implement processes that allow everyone access to pertinent data so the divide between observability and security teams is eliminated.

Organizations will also encounter challenges in preparing the data in appropriate formats compatible with their various observability or security tools, ensuring compliance with regulations like GDPR and CCPA, and properly handling personally identifiable information (PII).

Also, the dynamic nature of telemetry data introduces an additional layer of complexity. Context can change quickly in telemetry data, where what may not be important in one moment can quickly become mission-critical due to a change in context. This can be particularly crucial in scenarios such as incident management, where rapidly shifting factors like application performance or security threats demand real-time adaptability. Teams need the flexibility to access the right data for timely response.

Even organizations that have taken steps to move data between teams find this can be cumbersome and costly. According to a recent Pulse Report, the top challenges of managing telemetry data encompass an overwhelming data volume, data formatting complexities, challenges in integrating various tools, and the high cost of data management.

Guidance for organizations

Pursuing enterprise data management for observability and security may initially seem daunting, given the siloed nature of data and the diverse range of tools used by various teams. However, organizations can initiate the process by incorporating observability into their software development life cycle and fostering collaboration among observability and security teams.

Using enterprise telemetry pipelines can help centralize data, break down silos, and create a single source of truth for all teams. These pipelines can automate data collection, transformation, and distribution, ensuring each team can access the necessary information, in the format required, when it is needed. This results in improved operational efficiency and better control over data, which can ultimately cut costs.

Additionally, adopting standards like OpenTelemetry can ease data collection challenges and facilitate the use of standardized data across the organization. OpenTelemetry provides a vendor-neutral framework for collecting telemetry data, making it easier for different tools and teams to interoperate seamlessly.

The future of software quality

Taking an enterprise approach to telemetry data management has the potential to improve software quality and, ultimately, the customer experience. By adopting this strategy, organizations can address the challenges of vast amounts of telemetry data and strengthen their security postures.

Organizations must consider telemetry data as an enterprise asset and take complete ownership of that data. They must put in place processes, technology, and governance that enable data access to wider teams in the organization for all observability and security use cases.

While the process may take time and effort, the benefits are worth the investment. Those who embrace this paradigm shift will enhance their overall performance and competitiveness in a dynamic technology landscape.

[email protected]Follow the author


About the author

Ajay Khanna is chief marketing officer at Mezmo. He has over 20 years of experience in the enterprise software industry. He has a long track record of building marketing organizations, scaling high-growth companies, and bringing new products to the market. Previously, he led marketing organizations as CMO of Explorium and vice president of marketing at Reltio. He holds an engineering degree from Thapar Institute of Engineering and Technology and an MBA in marketing and finance from Santa Clara University.

About Mezmo

Mezmo, a leading observability data platform, helps organizations unlock the value of their telemetry data. Cloud native and built for enterprise scale, Mezmo’s platform makes it easier to control costs and take action. Mezmo fuels massive productivity gains for modern engineering teams at hyper-growth startups and Fortune 500 companies alike.

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

Stay Ahead with The Readable's Cybersecurity Insights