Bridging the Gap Operations and Security

Presentation on theme: "Bridging the Gap Operations and Security"— Presentation transcript:

1 Bridging the Gap Operations and Security

2 Craig Bowser
- 15+ years in InfoSec
- Security Analyst, SOC Manager, Information Security Manager, Security Engineer, All Things SIEM
- GSEC, GCED, CISSP
- Christian, Father, Husband, Geek, Scout Leader who also does some woodworking
- To Do List > To Do Open Slots

3 Ideally….

4 Commonly…

5 At best…

6 So what are the causes?
- 3 Foundational issues
- 3 Technical issues
- 3 Additional tips

7 FUNDAMENTAL ISSUES

8 Issue #1 - Bad Staff Structure
Does each group report to a different CXO?

9 [Org chart. Labels: CEO, CIO, CSO, VP IT, VP Sec, Dir OP, Dir Sec, IT Manager, Sec Manager, IT, Security]

10 Issue #1 - Bad Staff Structure
- Does each group report to a different CXO?
- Is security viewed as compliance, not as an operational group?

11
- Make Checklist
- Check off first item on checklist
- Display completed items on checklist

12

13 Suggestion #1 – Align Staff Structure
- Align Ops and Security under one head at an appropriate level

14 [Org chart. Labels: CEO, CIO, CSO, VP IT, VP Sec, Dir OP / Sec OR CCB, IT Manager, Sec Manager, IT, Security]

15 Suggestion #1 – Align Staff Structure
- Align Ops and Security under one head at an appropriate level
- Move audit/compliance into their own group

16 Issue #2 – Each Group Has Different Goals
- Security wants to protect
- Ops wants max uptime

17 Suggestion #2 – Align or Merge Goals
- Management needs to provide guidance and set priorities
- Align with organization mission and goals

18 Issue #3 – Who is doing what?
- Does each group have their own procedures for the same situation?
- Is there confusion over investigative and reporting responsibilities?

19 Suggestion #3 – Get signed policies
- Designate roles and responsibilities
- List authorized actions
- Develop SOPs

20 TECHNICAL ISSUES

21 Technical Issue #1: Patching and Secure Configuration
- Patch Now! Fix your configs! Don’t you know how important this is?!?!
- Need to test! That’s not critical! That config breaks the app! Stop talking down to us!

22 Suggested Solutions
- Build and use a test bed
- Review and prioritize fixes
- Provide fix suggestions
- Develop alternative mitigations

23 Technical Issue #2 – Ops installs new application or Capability
- Deploy Now! Users Need! Customer Wants! Why don’t you understand operations / business?
- What? We have no warning / prep! Completely insecure! Opens up holes! Skipped security testing!

24 Suggested Solution
- Build and use a test bed
- Involve both sides early in requirements phase
- Ensure security understands problem Ops is trying to solve

25 Technical Issue #3 – Security implements new tool / process
- Enhance security! More rules! Trust but verify. Analyze all things! Don’t you see how this makes us more secure?
- More things breaking! More users / customers yelling! Slower network! No visible benefit!

26 Suggested Solution
- Build and use a test bed
- Get Ops involved early in planning
- Eat your own dog food
- Phased implementation

27 ADDITIONAL TIPS

28 Finishing Touches
- Help retire a device that’s EOL
- Use your monitoring tools to augment theirs
- Respond to their requests for assistance

29 CONCLUSION

30 Questions? Craig Bowser @reswob10

