September 26, 2016 1 Comment
Next-Generation Security Operations – Preview
Welcome to Nige the Security Guy Blog: Next-Generation Security Operations.
Disruptive Shifts and Converging Trends
The past few years have set the stage for some disruptive shifts in network security operations. These shifts are driven in part by the rise of BYOD, mobility, virtualization and the cloud, which have resulted in a new level of complexity and fragmentation with distributed systems.
These disruptive shifts and converging trends have fused application and network layer functions, causing a fundamental reset of the security operations function.
- Organizations need to shift more security resources from preventing intrusion toward rapid detection and response
- Improving detection and response requires an intelligence-driven context-aware security approach
- Optimizing how security technologies, resources and process work together is pivotal to scaling security capabilities
- Automation frees up analysts to focus more on higher priority risks affecting the most critical assets and data
- SOCs need to build collaborative cross-disciplinary teams with highly specialized skill sets to combat advanced threats
- Evolving security operations optimizes the interplay of people, processes and, technologies to enable rapid response
- Orchestrated management of network infrastructure will be embraced as the next big thing
- The rise of DevOps drives much needed convergence between security and IT operations to add security by design
- Increases need to automate and optimize security operations to more effectively leverage resources/skills shortage
CISO Security Operations Dashboard
The Blog will cover a diverse set of practical topics that seek to consolidate, integrate, organize, and automate infrastructure into a single security model and a holistic security management system. The currently planned topics are, as follows:
- Active Cyber Defense
- Attack Patterns and Threat Hunting Series
- Attack Surface Reduction Series
- Cloud Access Security Brokers (CASB)
- CISO: Security Operations Dashboard
- Data Privacy Breach Management Program Series
- Deception, Delay and, Detection
- Incident Response Program Series
- Security Orchestration and Automation
- The State of SIEM and Maturity Model
Next Generation Security Operations
The era of advanced threats calls for a new approach to information security. When dedicated cyber adversaries have the means and methods to elude commonly used defenses, such as signature based detection, it is clear that conventional approaches are no longer sufficient.
The need for a Next Generation Security Operations mindset is evident across the industry. Technologies will continue to improve but in parallel we do need to ensure that we also evolve and improve our security processes as well as invaluable resources and skills. Attackers are constantly evaluating their methods and improvising new techniques. Defenders must think in those same fluid terms to keep pace.
The value proposition for a Next Generation Security Operations program includes improved security, resource utilization and, cost-effectiveness. Together with increased visibility and vigilance defensive strategies can be precisely aimed at addressing the most significant threats and protecting the most critical assets and data. Leveraging automation and orchestration the security team will have the knowledge and the cycles it needs to make informed risk decisions and invest in the right security controls.
Return on Security Investment (ROSI)
Security done right is a business enabler that dramatically reduces total cost of ownership (TCO) providing a tangible Return on Security Investment (ROSI).
IT complexity and fragmentation replaced by an adaptive modular and flexible architecture enables agility and improves your competitive edge — so the business can refocus quickly as new opportunities emerge.
Security is a process, not just a product or technology issue.
Nige the Security Guy Bio
Nigel is a Chief Security Architect with 30 years of international experience in Security Operations, Management, Research, Development and Security Services. He started his career as an assembler programmer who was contracted by the US DoD to develop secure operating systems with multi-level security and preclude covert channels. Nigel is a passionate evangelist who loves working with organizations to share thought leadership and practical strategy to help defend against advanced targeted threats.
Thanks for your Interest!
Nige the Security Guy.