Why Your Cyber Security Plan Must Address SecOps
Published: Wednesday, November 20, 2019 07:00
By Zeeshan Kazmi
Cyber Security Practice Head
Thanks to today’s digital transformation initiatives, getting a cyber security plan in place is more important than ever. In fact, it should be a vital part of your IT strategy. After all, chances are nearly all new initiatives in your company involve something digital. This automatically introduces new platforms that can be attacked and that quickly become a liability for your organization if they’re not directly protected by your cyber security efforts.
SecOps—a collaborative effort that ensures the IT Security and IT Operations teams are all on the same page—is the ongoing operational management piece of this. It’s the reminder that your cyber security plan cannot be a “set it and forget it” effort. A cyber security plan must always bridge the gap between Security and IT Operations, neither of which is ever static and each of which has fundamentally different priorities.
What happens when cyber security does not address SecOps?
A good example of what happens when you overlook ongoing operational management when creating a cyber security plan is the Capital One breach. Their digital transformation initiative involved a move to the cloud. Although Capital One had good security measures in place for this move, their cyber security planning failed to address the operational risk of changes that happen over time. In other words, they left out the SecOps component. But things always change over time. When that happened, the Capital One team had no idea that things had changed in a way that they had not anticipated. The resultant vulnerability ultimately led to the breach.
A similar situation happened with the Equifax data breach. Equifax had invested in a great deal of cyber security. But their cyber security plan also overlooked SecOps. Leaving out operational issues such as SSL certificate renewals left the company vulnerable to attack. In this case, their certificate had failed quite some time before they happened to fix it, at which point the system detected a problem. If their cyber security plan had included SecOps, they undoubtedly would have detected the vulnerability much sooner, perhaps soon enough to avoid the data breach altogether.
An effective cyber security plan has many components
All of this points to something important: Your cyber security plan is not just about endpoint security, backups, a logging system, or a written incident response procedure. It’s about having a holistic view of all your organization’s IT assets, understanding the threat level that each of these assets poses, and being able to protect them both in the beginning and over time. This “over time” issue is why SecOps needs to be a key component of your plan. You need to operationally ensure that the integrity of your cyber security system stays in place and continues to work effectively to protect these assets.
What this means is that strategy, implementation and operational monitoring are all equally important components of your cyber security plan.
About Zeeshan Kazmi
As a seasoned global technology executive, Zeeshan is known as an analytical thinker who introduces cutting-edge solutions and game-changing cultural shifts that ignite revenue and productivity, and optimize performance. Clients benefit from his extensive experience directing the development and execution of advanced Cyber Security and IT strategies that facilitate sustainable growth, strategic risk management and increased profitability.
About CIO Professional Services
Based in the San Francisco Bay area, CIO Professional Services LLC is a top-rated Information Technology (IT) consulting firm focused on integrating Business and Information Technology. Our consultants are all hands-on executives who are veteran CIOs and Partners of Big 4 consulting firms. Companies come to us seeking assistance with their information technology strategy as well as for interim or fractional CIO / CTOs, and negotiation and program management/project rescue assistance.