Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bridging the Gap Operations and Security

Published byBuddy Allison Modified over 5 years ago

Similar presentations

Presentation on theme: "Bridging the Gap Operations and Security"— Presentation transcript:

1 Bridging the Gap Operations and Security

2 Craig Bowser 15+ years in InfoSec Security Analyst, SOC Manager, Information Security Manager, Security Engineer, All Things SIEM GSEC GCED CISSP Christian, Father, Husband, Geek, Scout Leader who also does some woodworking To Do List > To Do Open Slots

3 Ideally….

4 Commonly…

5 At best…

6 So what are the causes? 3 Foundational issues 3 Technical issues
3 Additional tips

7 FUNDAMENTAL ISSUES

8 Issue #1 - Bad Staff Structure
Does each group report to a different CXO?

9 CEO CIO CSO VP IT VP Sec Dir OP Dir Sec IT Security IT Manager
Sec Manager IT Security

10 Issue #1 - Bad Staff Structure
Does each group report to a different CXO? Is security viewed as compliance not as an operational group?

11 Make Checklist Check off first item on checklist Display completed items on checklist

12

13 Suggestion #1 – Align Staff Structure
- Align Ops and Security under one head at an appropriate level

14 CEO CIO CSO VP IT VP Sec Dir OP / Sec OR CCB IT Security IT Manager
Sec Manager IT Security

15 Suggestion #1 – Align Staff Structure
- Align Ops and Security under one head at an appropriate level - Move audit/ compliance into their own group

16 Issue #2 – Each Group Has Different Goals
Security wants to protect Ops wants max uptime

17 Suggestion #2 – Align or Merge Goals
- Management needs to provide guidance and set priorities - Align with organization mission and goals

18 Issue #3 – Who is doing what?
Does each group have their own procedures for the same situation? Is there confusion over investigative and reporting responsibilities?

19 Suggestion #3 – Get signed policies
- Designate Roles and responsibilities. - List authorized actions. - Develop SOPs

20 TECHNICAL ISSUES

21 Technical Issue #1: Patching and Secure Configuration
Patch Now! Fix your configs! Don’t you know how important this is?!?! Need to test! That’s not critical! That config breaks the app! Stop talking down to us!

22 Suggested Solutions - Build and use a test bed
- Review and prioritize fixes - Provide fix suggestions - Develop alternative mitigations

23 Technical Issue #2 – Ops installs new application or Capability
Deploy Now! Users Need! Customer Wants! Why don’t you understand operations / business? What? We have no warning / prep! Completely insecure! Opens up holes! Skipped security testing!

24 Suggested Solution - Build and use a test bed
- Involve both sides early in requirements phase - Ensure security understands problem Ops is trying to solve

25 Technical Issue #3 – Security implements new tool / process
Enhance security! More rules! Trust but verify Analyze all things! Don’t you see how this makes us more secure? More things breaking! More users / customers yelling! Slower network! No visible benefit!

26 Suggested Solution - Build and use a test bed
- Get Ops involved early in planning - Eat your own dog food - Phased implementation

27 ADDITIONAL TIPS

28 Finishing Touches Help retire a device that’s EOL
Use your monitoring tools to augment theirs Respond to their requests for assistance

29 CONCLUSION

30 Questions? Craig Bowser @reswob10

Download ppt "Bridging the Gap Operations and Security"

Similar presentations

Security for Mobile Devices

Security for Mobile Devices
IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….
© Pearson Prentice Hall 2009

© Pearson Prentice Hall 2009
ORGANIZATION. 2 Problem scenario  Develop an organizational chart for your laboratory showing lines of authority from the head of the organization to.

ORGANIZATION. 2 Problem scenario  Develop an organizational chart for your laboratory showing lines of authority from the head of the organization to.
NERC Security Requirements – What Vendors Should Provide James W. Sample, CISSP, CISM Manager of Information Security California ISO.

NERC Security Requirements – What Vendors Should Provide James W. Sample, CISSP, CISM Manager of Information Security California ISO.
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,

CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.

Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
Problem Management Overview

Problem Management Overview
Chapter 7 Database Auditing Models

Chapter 7 Database Auditing Models
Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.

Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.
INFORMATION SECURITY GOVERNANCE (ISG) Relates to the security of information systems Is an element of corporate governance.

INFORMATION SECURITY GOVERNANCE (ISG) Relates to the security of information systems Is an element of corporate governance.
Roadmap to Maturity FISMA and ISO 2700x. Technical Controls Data IntegritySDLC & Change Management Operations Management Authentication, Authorization.

Roadmap to Maturity FISMA and ISO 2700x. Technical Controls Data IntegritySDLC & Change Management Operations Management Authentication, Authorization.
April 14, 2003- A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.

April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.
Blueberry Software IT Security Audit Results. Results: Good.

Blueberry Software IT Security Audit Results. Results: Good.
1 ISA&D7‏/8‏/2013. 2 ISA&D7‏/8‏/2013 The Analysis Phase System Requirements Models and Modelling of requirements Stakeholders as a source of requirements.

1 ISA&D7‏/8‏/ ISA&D7‏/8‏/2013 The Analysis Phase System Requirements Models and Modelling of requirements Stakeholders as a source of requirements.
ISS SiteProtector and Internet Scanner LanAdmin Group Meeting 12/8/2005.

ISS SiteProtector and Internet Scanner LanAdmin Group Meeting 12/8/2005.
Systems Analysis and Design

Systems Analysis and Design

Similar presentations

Ads by Google