Discover Performance

HP Software's community for IT leaders // September 2012
Subscribe

Improve security with an Ops alliance

A partnership between Security and IT Ops is the first of four steps to greater security and reliability.

Maintaining a strong security posture is increasingly difficult for enterprises. Cloud solutions, mobile technology and the BYOD trend all make it harder to predict, identify and respond to threats. The increasing speed of business is similarly challenging for the Ops team. Both groups tend to work in parallel, their information and insights siloed. That’s going to have to change.

Faster and better decision-making is predicated on visibility into both the operational health of the organization and the levels of security and compliance risk. Inspired by DevOps principles, the SecOps movement seeks to remove information silos that prevent Ops and Security from collaboratively working to reduce business risk.

The name itself, SecOps, has drawn criticism and some confusion as advocates struggle to differentiate the concept from DevOps, the separate effort to remove silos between those delivering and maintaining applications—the Apps and Ops teams. Whatever name eventually sticks, this collaborative approach between Security and Operations can help businesses recover more quickly from threats and service outages, degraded application performance and slow networks.

Shared insights, better security

From the Ops perspective, collaboration with Security provides a means to tell when a hit to infrastructure performance is not just an application malfunction, but rather an attack. Having Ops teams able to raise that flag helps the security leader too, and enables the CISO to:

  • identify and resolve threats faster;
  • evaluate and prioritize threats better, thanks to greater severity context;
  • raise the business priority of identified issues;
  • reduce investigation of false positives; and
  • reduce cost by team collaboration.

An example of effective Security/Ops collaboration: Pooling and correlating telemetry and log data from across the organization can provide relevant context to efforts at resolving mission-critical application downtime. The organization can now understand not just whether the cause is a security incident, but also the “big picture” threat to the business.

Framing a productive partnership

Breaking down information silos requires not just buy-in, but active participation from key stakeholders in Ops and Security. The process of moving toward greater operational intelligence has four basic steps.

Step 1. Establish a partnership. Have an initial discussion with the Ops team to express the advantages of collaboration, and to explore the potential of sharing data across your teams and collaborating regularly, especially during crisis intervention.

Step 2. Agree on objectives. To collectively decide how to focus the benefits of increased visibility, identify and prioritize services that you can improve through collaboration. Note that Ops’ and Security’s focuses don’t always align; this is the time to resolve conflicts and identify logical intersections of interest.

Step 3. Identify data for sharing. Which resources can be shared? How can you consolidate the relevant solutions, and, where are there gaps, redundancies or other issues? Not all security data is appropriate to share, so identify exceptions.

Step 4: Set specific goals, including automation, and remove roadblocks. Now that you have a sharing plan, set out specific tasks to leverage collaboration as fully as possible. Remove barriers to success and finding opportunities to automate processes. Specifically:

  • Retire redundant applications; when there is a technology conflict, standardize on one.
  • Decide how to remediate crises before they occur.
  • Define roles, responsibilities and workflows.
  • Create automated processes where appropriate to expedite workflows and eliminate human error.
  • Practice collaborative response regularly.

Raising the efficiency of security

Collaboration between Ops and Security doesn’t replace departmental specialization, which will continue to exist as it always has. Cooperation simply creates a data superstructure that lets these disparate teams resolve issues more quickly and leverage the advantages of a common analytics platform. 

For years, Security has operated largely as a separate domain within IT. Finally, best practices are emerging to help you transition from a quiet cost center to a full participant in the agility and efficiency of the business at large.

Find out how HP can help organizations operationalize collaboration efforts between Security and Ops with integrated tooling to view and organize aggregated domain data.

For more information about coordinating operations and security, read about HP’s BSM 9.1, integrated with ArcSight Logger for greater security visibility.


x

IT leader assessment

This tool evaluates the correlation between IT attributes and business success and, based on how your answers compare with average scores, will advise you where to invest in IT.

It is based on data HP collected from 650 global companies about a range of IT characteristics (server capacities, approach to information management, security, BYOD, etc.) and how they correlate to revenue gain. This assessment will compare your answers to the average scores in that study.

There are 12 questions that will require an estimated 10 minutes of your time. You'll receive a summary of your rating upon completion.



Let's get started
x

Please select an answer.
x

Analysis:

Your answer:
Your score:
Average score:
Revenue leaders' score:


x

Please select an answer.


x

Results

Your score:
Average score:
Revenue leaders' score:


Get detailed results:

Subscribe

Popular tags

Events

Discover Performance Weekly

HP Software’s Paul Muller hosts a weekly video digging into the hottest IT issues. Check out the latest episode.


HP Protect 2014

Keep up with announcements as the world’s top information security talents meet to discuss new strategies and share information. Washington D.C., Sept. 8–11.


Enterprise 20/20

Security 20/20

Preparing today for tomorrow’s threats.

Introduction to Enterprise 20/20

What will a successful enterprise look like in the future?

CIO 20/20

Challenges and opportunities for the CIO of the future.

Dev Center 20/20

How will we organize development centers for the apps that will power our enterprises?

Marketing 20/20

Welcome to a new reality of split-second decisions and marketing by the numbers.

IT Operations 20/20

How can you achieve the data center of the future?

Employee 20/20

What the workforce of 2020 can expect from IT, and what IT can expect from the workforce.

Mobility 20/20

Looking toward the era when everyone — and everything — is connected.

Data Center 20/20

The innovation and revenue engine of the enterprise.

Read more

HP Software related

Most read articles

Discover Performance

Archive

Tweets @ HPSecurity