Industry leaders worldwide are rapidly taking advantage of digital advances in analytics, mobility, social media, and smart embedded devices to keep up with new demands from both internal and external customers.
This has created a situation where it is more important than ever to take practical steps for strengthening IT security. This challenge is particularly critical on Cyber Monday, which is likely to be the biggest online shopping day of the year. According to Fortune.com, ecommerce in November and December is expected to grow at three times the rate of in-store sales during that period. The holiday season makes businesses more vulnerable because as transactions increase, more personal customer data is shared and stored. Fortunately, implementing policies with automation that reinforce security and compliance can dramatically reduce vulnerabilities and breaches.
New Challenges for Compliance and Risk Management
The vast capabilities of mobile devices and the subsequent access to information improve the customer experience by letting people conduct business from anywhere at any time. While changing the world in many positive ways, this also increases the amount of personal and sensitive information being stored. For example, in 2014 Apple announced that iTunes grew 40 percent to 800 million user accounts. While this is great for growth, it also means they are managing 800 million unique accounts — each with associated credit card and personal information.
The depth and breadth of personal data that companies are storing creates an irresistible target for hackers. There have been more than 175 million data breaches so far in 2015 at an average cost of $5.3 million each, according to NOPSEC 2015 State of Vulnerability Risk Management. More than 80 percent of attacks target a known vulnerability that could have been prevented with an existing patch.
As more organizations rely on the data center, they need to ensure that the compliance and security policies that keep the business safe are always enforced. Have new modes of customer interaction exposed a new vulnerability or exacerbated an existing set? Have the demands of a digital offering placed too many demands on a legacy infrastructure that doesn’t have the right security to protect itself? Vigilance with compliance and risk management practices is vital to the overall health and stability of the business, but companies in many cases may believe that the only way to do this is to sacrifice agility. Organizations may think that to meet their security goals they need to implement costly and time-consuming processes forcing the business to decide: should I be secure or agile? For many, this crossroads is unavoidable because of current organizational paradigms and processes.
To Maintain Security and Agility, Security and Operations Must Share Accountability and Collaborate More Effectively
In my experience working with enterprise companies to help solve some of these challenges, I found that a critical part of success was streamlining the relationship between Security and Operations. These two teams need to work in harmony to allow Security to identify the issues and enable Operations to address these issues in a timely fashion. The reality is that in most cases these teams have a relationship that is far from harmonious, and instead can be frustrating.
We have seen that this conflict derives from a common theme — the teams have different core objectives and perceptions of the problems to solve. They typically use different tools, different terms, and have opposing project plans. The Operations team is focused on maintaining availability and limiting change, while the Security team is focused on addressing risks as quickly as possible and driving change. This disconnect is referred to as the SecOps Gap.
Similar to DevOps, SecOps is about people, process, and tools. The people have to be aligned on objectives and share accountability for the security and compliance of the organization. They need to use processes that create a closed loop of feedback and encourage collaboration. Security cannot lay problems at the doorstep of Operations and then walk away. And Operations cannot deprioritize the initiatives from Security. Finally, they need tools that support a collaborative workflow and the needs and activities of both teams.
Leverage Tools Designed to Bridge Security and Operations to Close the SecOps Gap
As you investigate new tools, or seek to use current tools more effectively, be sure to consider what problems you’re solving and what processes you’re trying to support. A common issue is that processes are manual, repetitive, and time-consuming — a situation ripe for the help of automation.
A variety of best practices can help organizations use automation most effectively to optimize resources, lower costs, and improve service quality while reducing vulnerabilities and improving compliance. These include the following capabilities:
- Establish central views that combine security and operational views. These teams use different mechanisms to identify systems, organize them and assess them. Automation can allow these teams to maintain their individual views but map the two views so Operations can understand the environment in the Security team’s context.
- Leverage trusted operational policies to drive automated responses to threats. This allows Operations to quickly and easily make changes in a way that doesn’t introduce a risk of dreaded downtime.
- Drive a security-first approach in operations. By using automation to drive hardening prior to deployment, IT can ensure that new systems don’t introduce new problems and instead that they adhere to all the operational and security policies.
- Create automation policies for servers, clouds, and databases that are aligned with the needs of the environments in which they are being applied. IT teams should be able to coordinate change management processes to enforce change windows and avoid collisions or unplanned outages.
Next Steps for Meeting the Security Demands of the Digital Enterprise
Cyber Monday is only the beginning of a very busy online holiday season. Whether you are a retailer or providing other types of online business or services, be sure to consider how you can reduce business risks in the digital enterprise with strategic automation. Learn about automation for security and compliance and how to get started. Read this white paper, “Breakthrough Security and Compliance Practices for the Digital Enterprise.”