For many small and medium-sized organizations in the Bay area with limited security expertise and toolsets, shifting to a more proactive approach to threat detection can be fraught with questions on where to begin.