What the Super Bowl Teaches About Cyber Security Ė Are Security and Operations Uniting Like a Team?
By Allison Cramer Director, BMC
February 6, 2017I survived the play offs, wondered why anyone watches the Pro Bowl, and then set my focus on the Super Bowl. Who would win Ė who had the best skills, best coaching, best records, etc. As I wondered I started to see similarities between the relationships of the players and the relationships of security and operations teams. Stick with me for a moment. At the simplest level, the defense is there to make sure that the opposing team doesnít score. They donít know what play the offense will use, but as the defense sets up they may be able to see holes in their ability to defend. At that point, the players will call to one another and make adjustments. They are trying to eliminate vulnerabilities. Now, if one player is calling out adjustments (security), but the other players (operations) either canít take action, are overwhelmed by the number of actions, or are too busy focused on a different problem they see, then what happens? Well, there is a good chance the offense will succeed and breach the line. And if it happens too often the Defensive Coordinator will be the one who gets sacked.
So, what went wrong? Poor communication? Lack of agreement on the priorities? Inability to handle an audible Ė no rapid way to match adjustments to the opponent. Statistics indicate that most breaches take advantage of known vulnerabilities. If thatís the case, then the security team may point to their vulnerability scans and show that they had indeed delivered the information to operations. They called an audible. The operations team says the reports are huge and donít give the information needed to identify and remediate problems. So, they either didnít hear the audible or couldnít figure out what play they had to run. Teams canít operate like thisÖ. well, maybe the Browns.
Get your Security and Operations Players Unified and
Acting Like a Team
SecOps, which is similar to DevOps, is a combination of tools, processes, and culture change that encourage the two organizations to share accountability and work together as a team. To drive the culture change, leaders need to ensure that the teams understand that they are all responsible for security and compliance, and the hand off of tasks does not imply a hand off of accountability. They succeed and fail together. Only together will they have the resources and ability to meet the challenges presented by todayís sophisticated hackers Ė who ALSO work in teams. When you draft your defense in fantasy football, you donít do it player by player. Itís as a unit.
Give The Team the Right Equipment to Play
Given the volume of data and the manual processes required to tie this data to known remediations, itís a situation ripe for automation. A comprehensive, policy-based automated approach that identifies, remediates, and tracks vulnerabilities could allow the teams to get some basic plays down so that they are focusing on the bigger issues. Automation should reduce the risk of misconfiguration and improve the systemís stability through granular, role-based access control. It should also enable you to dramatically reduce the time required for logging changes in the change management system and reduce the risk of outages by unifying processes across server platforms.
The Security teams will get real-time visibility into the vulnerability of the health of the IT environment and approach a state of being audit-ready all the time.
Get Your Stars to Unite As A Team
Be the MVP Ė Lead the Change
Another great thing about football is that the leader of the team can be anyone. The coach is fairly obvious, but who picks the team up and gets them excited about the game? Who is the firecracker, that when they hit the field everyone works just a little bit harder? A very famous football coach is reported to have once said ďPeople who work together will win, whether it be against complex football defenses, or the problems of modern societyĒ. Will you be the one to help your organization work together to win?
By the way, if you find me at RSA Conference 2017 in San Francisco and can tell me who the quote is from Ė Iíll owe you a coffee.