cancel
Showing results for 
Search instead for 
Did you mean: 

Making Friends: Optimizing IT and Security Resources

Level 10

As we approach the end of National Cyber Security Awareness Month, it’s time to focus on ways to improve your current staff and resources. In light of our country’s current security skills shortage (more than 50 percent of 600+ companies surveyed indicated that it takes roughly three to six months to fill cyber security positions, and even then, available staff may not have the necessary skills to detect and respond to complex incidents[1]), organizations must explore ways to optimize IT and security team functions. Too often a lack of coordination between teams leads to increased inefficiency and wasted effort.

If you don’t have an efficient, streamlined patch management program in place, for example, work done in vulnerability assessment (VA) could result in a pile of unread spreadsheets. VA programs are expensive to set up and manage, and usually involve a monthly cost. This means that any month the data isn’t used will wind up being a waste of time, money, and resources. If your IT team is not ready to manage VA, consider having your security team work with them to set up good patch management tools and practices.

Sometimes different functional teams want to access data from the same sources. In other cases, data from devices being managed by different teams may not reach its desired destination. Both instances call for monitoring. Take, for example, switches and routers vs. ingress/egress devices on the network. Traditionally, ingress/egress (firewalls) are configured and managed by the security team, and internal switches and routers are managed by the networking team. However, each team would benefit from sharing information. Perhaps there should be internal firewalling between organizational teams: finance and human resources, sales and marketing, engineering and product management. If these internal firewalls are being implemented with access control lists on internal systems, does the networking team configure and manage these devices, or does security? 

Another area of best practices sharing could come from change management. In many organizations, change management is either overlooked, or not practiced consistently across teams. Look inside your organization and see which team has more maturity in process, tools, and efficiency for change management. This might be the applications team, the IT team, the networking team, the security team, or maybe even DevOps. Setting up best practices leads across functional groups encourages communication, creates a culture of cooperation rather than antagonism, and helps mitigate staff shortages.

A 2012 Chicago School survey of job satisfaction[2] indicates that an important component of job satisfaction comes from being recognized for using inherent skills and abilities. In cross-functional teams, employees are encouraged to share their skills and abilities with a broader audience, which leads to improved processes and greater job satisfaction. 

As Henry Ford stated, “Coming together is a beginning. Keeping together is progress. Working together is success.”



[1] http://thehill.com/blogs/congress-blog/technology/239113-cybersecurity-talent-worse-than-a-skills-sh...

[2] http://psychology.thechicagoschool.edu/resource/industrial-organizational/determinants-of-job-satisf...

6 Comments
Jfrazier
Level 18

Fortunately we seem to have a coordinated approach between the security team doing VA and the server teams regarding reports of patch levels and vulnerabilities.

Change management has been pushed to the front as mandatory which I feel is a good thing. 

Thank you for your informative blogs in Geek Speak.

cahunt
Level 17

Great points, and from someone who has experienced the lack of a stream line process; that type of structure can have you working toward gathering the proper data to have a fruitful effort.

I have been stuck with aged data at times that would only show a supposed possibility of a culprit. IF there was better correlation between InfoSec and them confirming the data I present, and matching that with the most recent data they have we would in turn have better results and faster remediation of these security issues.

rschroeder
Level 21

This topic is timely; just today I introduced QoE and NPM to another individual in a different department at one of our remote sites.  He was frankly a bit astonished at what he can finally see about his servers, and I think he's going to be an ambassador to the rest of his team, promoting the new information I've made available to them.

We just finished up a great Cyber Security Awareness Week.  It really is amazing the tools and technology available and necessary to protect ourselves, our clients and our business.

jdmatitu
Level 8

This has become a trend now.. We need more IT Security Personnel and to have more ways in exchanging valid informationa and awarenes is a must...

network_defender
Level 14

Just reviewing some older write ups.