Comment: It’s Not about Network Security, It’s about Business Security

Navigating major updates and changes to your network? Gidi Cohen has a few solutions

In a recent meeting with the CISO of a Fortune 500 company, the CISO described his organization’s 2012 plans for virtualized architecture roll-outs, including mergers, growth in their international operations, and the rampant addition of cloud services, among other major network initiatives. Each of these projects individually creates major network and security architecture changes – the kinds of changes that can shatter operational performance and security policy compliance. Pile them together and you have a recipe for disaster, leading one to surmise this CISO has a stockpile of antacids on his desk.

When asked whether his information security team was going to grow in 2011 to help secure all these new initiatives, the wry answer was: “We get to do more with less”. Doing more with less seems to be a common trend in information security these days, so what’s a security leader to do when faced with the ‘do more with less’ edict?

There are a few key steps that information security executives can take to get the most from their existing security infrastructure, while keeping a keen eye on their network security as they navigate major updates and changes to the network.

Show and Tell

The first step is to gain an accurate picture of the network environment as it looks today, using tools that enable executive teams to see the network, visualize threats and quantify risks. By taking this step, information security officers can reduce the chance of service disruptions or security breaches, automate network compliance audits, and enhance visibility and oversight of the network management process.

Maximize Current Investments

Catalogue your current security controls and investments and ensure that they are being used accurately and consistently. For instance, be certain that all of your firewalls are configured properly and all critical vulnerabilities have been addressed. Deal with the known issues proactively to reduce the ‘what if’ stress.

Take Action Before It’s too Late

Once an accurate network topology is completed it must be checked regularly for security gaps and assessed for new threats so that action can be taken before it’s too late. Conducting this step regularly is critical for preventing security breaches.

Let’s face it, nothing will send you over budget faster than a breach, and if it’s your responsibility to explain the expense and loss of brand to the board of directors, I hope you also have a supply of antacids on your desk.

Delegate Routine Security to IT Operations

One way to ensure regular network security check-ups are taking place is to link automated security management tools with operational processes, allowing the security team to bake routine security checks into everyday processes. For example, setting up regular audits when configuring a firewall management system – with ticketed alerts to the team when a problem is flagged – saves the time and manpower wasted looking for the problem, ultimately saving time when a formal audit is necessary.

Shift Spending

Last, but certainly not least, shift funds to more effective technologies that reduce the time spent on ‘routine’ tasks by automating them, so that they can be performed as often as needed with minimal management time. Avoiding time wasters that have minimal impact on an organization’s security level is also critical to successfully doing more with less.

Savvy IT executives should not face the ever-changing world of complex cyber-threats without the right tools – and those tools are proactive, not reactive. They need to be integrated into everyday security operations, and most importantly, must arm the IT staff with the ability to make informed, risk-based decisions to continuously protect their network resources. Ultimately it’s up to the C-level executives in an organization to make sure the network security strategy meets the needs of the business, because at the end of the day the topic isn’t just about network security – it’s about business security.


As founder and CEO for Skybox Security, Gidi Cohen has been instrumental in driving the development of the security risk management market category. He is an avid proponent of the use of predictive analytics – such as risk modeling, network path analysis and attack simulation – to anticipate and prevent cyber threats every day. Cohen holds BS and MS degrees in computer science and mathematics from Tel Aviv University.
