I’ve spent the past few years calling into CIOs, IT Managers, or Security Engineers discussing where their security program is today and what they would like it transformed to. Even though you probably dread the sight of an unknown number, my favorite part of my position is being a facilitator of conversation as well as understanding the focus of all parties involved. What I’ve come to realize is that a disconnect often exists within the security team and that individual goals differ from position to position.
It goes without saying that every person on the security team wants to have a world-class security program, but this often falls by the wayside because of a lack of communication, tunnel focus on existing projects, or “this is how we have always done it”. This typically results in you relying on point products or solutions and leveraging a small portion of their capabilities because there is just not enough time in the day. This leaves gaps in the security posture because you don’t have the visibility you need.
To address this people, process, and technology gap your organization is facing, it is essential to understand what is important to the CIO, IT Manager, or Security Engineer. This will allow you to introduce services and solutions that will meet their objectives.
CIO: I had a discussion with a CIO several months back and boiled what the job entails down to two very simple principles:
- Spending no money
- Ensuring when they do spend money that the tools and technology integrate to maximize the total cost of ownership
IT Manager: They are the facilitator between the CIO and Security Engineer, trying to optimize the goals of the organization and the needs of the team. NOT EASY TO DO!
- Implementing Security Protocols and Process
- Reporting – Ensuring they are meeting security compliance mandates, delivering overviews to security council, risk analysis
- Ensuring completion of the IT projects while supervising security team members
Security Engineer: You are entrusted with safeguarding the organization’s computer networks and systems, which requires you to investigate and prioritize security incidents or vulnerabilities.
- Be an expert in time management!
- Leverage existing technologies to investigate and remediate security incidents and vulnerabilities
- Able to aggregate data for comprehensive report building and analysis
- Configure and troubleshoot security devices
- And many more responsibilities!
Having a discussion about where the security program is falling short is never easy and is usually uncomfortable, but it must happen. If 2017 showed us one thing, it is that the number of organizations breached increased by 44% (SANS) from 2016, and if I were a betting man, 2018 will be another record year. 2018 is the year of having security discussions with your team and partners to see how they can address your people, process, and technology gap.
Cygilant's SOCVue security as a service can help. We provide the people, process, and technology for enterprise-class security programs at a fraction of the price. Schedule a demo today to speak with our team about how your organization can benefit from a 24x7 global SOC team to help detect and remediate threats, identify vulnerabilities and deploy patches.