Given the pervasiveness of ransomware attacks, hacks and other malicious activities, organizations understand that it’s no longer a question of if they’ll be hacked, but when.

With this knowledge in mind, Ernst & Young Global Ltd.’s close partnership with Splunk is helping the former deliver improved vulnerability resistance to clients.

“One of the things we like to do here at EY is combine what’s happening in the network,” said Tony Pierce (pictured), senior manager of cybersecurity at EY. “So the threat landscaping, which is the network guys, the vulnerability guys who are scanning the data, and then actually the patching who is actually mitigating the problem, putting all those into one screen has really helped people with their risk rating.”

Pierce spoke with Lisa Martin, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during the recent Splunk .conf21 Virtual event. They discussed the cybersecurity landscape and how EY is leveraging Splunk’s Observability Suite to serve its clients. (* Disclosure below.)

An in-depth look at the methodology

In tackling both the known and unknown elements of a hack, security professionals often fall into the confusion inherent to the different frameworks in use today, according to Pierce. He is also seeing a trend in the industry where people spend so much time hunting down known actors that they forget about the unknown.

“We try to bring the data in, we operationalize it, and then we try to do something with it. And if you really think about that in a situation with the Splunk’s products, it’s the Splunk core, it’s Splunk ES and then Phantom, right? And so that’s the automation play. So we try to combine all those into one combined offering.”

The approach is strong in theory, but it has also delivered practical benefits, according to Pierce.

“One of the things that we’ve done is for healthcare, we’ve combined ILT and IT into a commonality solution, leveraging the network. Simple things like understanding what those Mac addresses are so that you can actually do … workplace analytics around, say, RFID tagging,” he explained.

For the future, EY is looking into applying groundbreaking technologies like artificial intelligence and augmented reality to its cybersecurity offerings, Pierce concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of during the Splunk .conf21 Virtual event. (* Disclosure: TheCUBE is a paid media partner for Splunk’s .conf21 Virtual conference. Neither Splunk Inc., the sponsor for theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: Tony Pierce