IT disaster recovery, cloud computing and information security news

Daisy

Why you should move security away from security…

Moving security operations away from your security team? This may sound counterintuitive, but it’s something that we see happening more and more. Nimmy Reichenberg explains why this is happening and highlights the advantages of the approach.

Escalating security requirements, the growing risks of breaches and outages, and the shortage of skilled and experienced security staff is forcing businesses to find new ways to make more efficient use of their security specialists. As a result, organizations are directing their security teams to focus on protecting the network from external and internal threats, and increasingly handing over operational tasks to other areas of IT.

I see this as a positive development. However, for this transition to be successful, there are certain processes and conditions that need to be in place first.

First, automation can help massively to free up your security team from repetitive, administrative tasks and give them more time to spend on the real security work. Look for tasks that can easily be done by machines or that are susceptible to human error – automation will not only do these tasks quicker but also more accurately, thereby eliminating security risks caused by human mistakes.

Second, you need to ensure that your security team is aligned with the rest of your IT department in terms of goals, reporting structures, processes and systems.  Security needs to be closely integrated with other teams so that it has visibility into what they are doing and confidence that they are following security policies.  Equally, other teams need to see that security is there to enable and protect the business, not to stop things getting done.

In a similar vein, organizations must also ensure that security knowledge is properly shared across the business before shifting responsibilities away from the security team. In too many organizations, critical networking and security knowledge is hoarded in human memory, but it is simply not good policy to silo tribal knowledge within ‘cranial wetware’ and it is likely harming your security posture. Moreover, it makes ramping up new and lesser-skilled engineers a lot slower and more difficult. Software tools that document the network and its security configurations will simplify the process of extracting this knowledge and moving security to IT, and make you more secure. 

Finally, it helps if there is less of a need for your IT staff to be experts on specific devices, and instead can work across multiple platforms.  Again, this is where automation can be a tremendous help:  security policy management streamlines processes by automating manual, repetitive tasks across products from multiple vendors and platforms, taking away much of the manual, detailed work and minimizing the possibility of user-induced errors.  An effective automation solution will help you redesign your security processes so they work more efficiently, and help to enforce them.  It also gives each team the same holistic perspective of the network, which helps eliminate blind spots between teams that could otherwise introduce misunderstandings and security gaps.

Automating your security processes and aligning the various groups within your IT department is key to successfully migrating selected operations away from your security team.  This enables them to focus on the critical work that their skills are really needed for, while minimizing the overall risk to the business.

The author

Nimmy Reichenberg is VP of Strategy for AlgoSec.


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.