Seth Morrell, VP, Enterprise Architecture and Design, Hub International & Jeremy Embalabala, Director, Security Architecture & Engineering, Hub International, sit down with John Walls & Justin Warren at AWS re:Invent 2018 in Las Vegas, NV. #HubInternational #reInvent #theCUBE https://siliconangle.com/2018/12/28/this-attitude-adjustment-makes-security-profitable-slays-regulation-monster-reinvent/ This attitude adjustment makes security profitable, slays regulation monster Waiting around for legislatures to throw a two-inch-thick book of data-compliance laws at the company? Sitting by with patching and remediation tools on hand for after a breach occurs? Maybe an attitude adjustment is due. Maybe it’s time to befriend security, blend it into the business, and make it a profit-driving competitive advantage. “We view security as a driver of business, not just a cost center,” said Seth Morrell (pictured, left), vice president of enterprise architecture and design at Hub International Ltd. “It’s a way that we can add to the bottom line and be able to generate revenue for the business by being able to show our customers that we really care about their data.” The insurance broker has revamped its security architecture with technologies like Slunk Inc.’s machine-learning data platform in the Amazon Web Services Inc. cloud. It also uses security information management for collecting, monitoring and analyzing logs on security data. Morrell and Jeremy Embalabala (pictured, right), director of security architecture and engineering at Hub International, spoke with John Walls (@JohnWalls21), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, and guest host Justin Warren (@jpwarren), chief analyst at PivotNine Pty Ltd, during AWS re:Invent in Las Vegas. They discussed Splunk on AWS, SIM, and the payoffs of built-in rather than bolted-on security. (* Disclosure below.) Extra-mile security prevents compliance headaches Advanced SIM isn’t easy to manage, according to Embalabala. “They’re tricky to implement, they’re generally very costly, and they require a lot of tuning, a lot of love, care and feeding in order for it to be effective,” he said. “Quite frankly, if you don’t get that right, they can actually be detrimental to your security program.” But the security upgrade it — and other extra-mile security measures — provides is worth it. When scary legislations like the General Data Protection Regulation comes to town, those that embrace security and compliance day-in-day-out will be ready, Embalabala and Morrell pointed out. “We’ll be 95 percent of the way there by just building the right controls into our environment at a foundational level,” Embalabala said. “Then we have to spend our efforts aligning ourselves with the other five percent that vary from regulation to regulation.” Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent.