Moving security operations away from your security team? This may sound counterintuitive, but it’s something that we see happening more and more.
Escalating security requirements, the growing risks of breaches and outages, and the shortage of skilled and experienced security staff is forcing businesses to find new ways to make more efficient use of their security specialists. As a result organizations are directing their security teams to focus on protecting the network from external and internal threats, and increasingly handing over operational tasks to other areas of IT.
I see this as a positive development. However, for this transition to be successful, there are certain processes and conditions that need to be in place first.
First, automation can help massively to free up your security team from repetitive, administrative tasks and give them more time to spend on the real security work. Look for tasks that can easily be done by machines or that are susceptible to human error – automation will not only do these tasks quicker but also more accurately, thereby eliminating security risks caused by human mistakes.
Second, you need to ensure that your security team is aligned with the rest of your IT department in terms of goals, reporting structures, processes and systems. Security needs to be closely integrated with other teams so that it has visibility into what they are doing and confidence that they are following security policies. Equally, other teams need to see that security is there to enable and protect the business, not to stop things getting done.
In a similar vein, organizations must also ensure that security knowledge is properly shared across the business before shifting responsibilities away from the security team. In too many organizations, critical networking and security knowledge is hoarded in human memory, but it is simply not good policy to silo tribal knowledge within cranial wetware of ‘Network Ned’ and it is likely harming your security posture. Moreover it makes ramping up new and lesser-skilled engineers a lot slower and more difficult. Software tools that document the network and its security configurations will simplify the process of extracting this knowledge and moving security to IT, and make you more secure.
Finally, it helps if there is less of a need for your IT staff to be experts on specific devices, and instead can work across multiple platforms. Again, this is where automation can be a tremendous help: security policy management streamlines processes by automating manual, repetitive tasks across products from multiple vendors and platforms, taking away much of the manual, detailed work and minimizing the possibility of user-induced errors. An effective automation solution will help you redesign your security processes so they work more efficiently, and help to enforce them. It also gives each team the same holistic perspective of the network, which helps eliminate blind spots between teams that could otherwise introduce misunderstandings and security gaps.
Automating your security processes and aligning the various groups within your IT department is key to successfully migrating selected operations away from your security team. This enables them to focus on the critical work that their skills are really needed for, while minimizing the overall risk to the business.