
4 quick wins you can make to better protect your digital enterprise with Converged Security

GerbenVerstraet


Forrester recently reported that overall enterprise spending on security is increasing (by about 80% in the space of two years, according to Forrester’s “Understand Cybersecurity And Risk Budgets For 2015”). This report confirmed what I have been hearing from customers. What I have also been hearing from customers is that the increase in budget isn’t doing enough to keep their enterprises secure.

Throwing more money at security will only take you so far. The problem is, security is too often a constellation of point solutions running separately from the rest of IT. And security is still siloed and technology focused, rather than an integral part of the IT Value Chain.

Your enterprise is much more secure when you bring security, line of business application teams, and operations together. At HPE, we call this Converged Security, bringing security's tools, processes, and disciplines into “mainstream IT.” This means making your enterprise secure by design: getting security practices into IT processes earlier, making security an integral part of your application lifecycle, integrating information from IT operations into your security operations center, and automating the processes for pinpointing and quickly neutralizing threats and non-compliant services infrastructure. Here are four ways to get started with Converged Security, as well as three best practices for security leaders.

 

Improve security by looking at use cases

My viewpoint on Converged Security has been validated through the many customer interactions I have had over the last couple of years. But I also realized that eyewitness testimony was not enough. I was often being asked by customers for any data about the ROI of Converged Security. So late last year we asked Forrester to conduct a survey for us, which you can download from our website (“Converged Security: Enhance Your Security And Protect Your Digital Assets By Focusing On Use Cases, Not Technologies”). This research validated our point of view. Customers are adopting Converged Security and benefiting from it (even if some of them don’t actually call it that).

As you can see in the Forrester paper, the benefits are compelling (reduced risk, increased productivity, and so on). So how can you get started? Converged Security or “security by design” may sound like a tall order. But not if you take the approach of looking at your use cases and pain points. One way we’ve found for organizations to make relatively quick wins in Converged Security is by addressing low-hanging fruit through automation and integration of capabilities. Increasingly, I find myself talking to security leaders about automation strategies. With the right communication, information, and automation, security design is incorporated, end-to-end, into IT's products, services, and culture.

 

Take a Converged Security approach with four easy automation targets

In HPE Software Services, we look at security pain points in the context of your entire IT Value Chain, so it becomes easy to see where you can make the most impactful changes. (If you’re interested in learning more about a Value Chain approach, check out our resources on IT4IT.) Many enterprises struggle with common security challenges where automation can make a big difference. These four common scenarios for automation are great onramps to Converged Security:

  • The overwhelming number of known events. There are more alerts coming into your SOC than you can manually address. And there is valuable data in your ops center that is not shared; you don't even know it's there. Through integration and automation, you can make sure all relevant data is going into the SOC, so you have a solid understanding of the business impact and the priority and can automate the responses based upon these criteria. This requires standardized and pre-certified infrastructures and a good configuration management system enriched with risk profiles to ensure automation outcomes are predictable and will not negatively impact the business.
  • Issues around software updates and compliance. A high number of attacks exploit known vulnerabilities caused by misconfigured or unpatched systems. You need to automate the response: if the system detects that something is out of compliance and a patch is available, remediation can simply be automated.
  • The events requiring more investigation. An adversary is snooping around, and rather than completely shutting them out, you could automatically spin up a honeypot to isolate them so that you can observe the adversary and their techniques. We've set this up for clients: there's a honeypot spin-up on standby, and once we find an adversary snooping around, we spin up a contained environment. We immediately route the adversary to the honeypot instance and watch them.
  • Releasing applications in a secure manner. Organizations are under pressure to release applications and new functionality faster than before, yet vulnerability testing has traditionally been done late in the development cycle. By bringing in automated processes and technology where security tests are seamlessly integrated early on during development (e.g., at the IDE), application teams deliver quality and secure applications and reduce cost while minimizing risk.

Just automating these categories alone can provide great gains for security teams. But most, if not all, of the opportunities are not purely in security's hands. That's why it's vital to change how you communicate with your peers in mainstream IT.

 

3 best practices for security leaders to follow in Converged Security

Security leaders need to make sure they are part of the entire IT lifecycle, stakeholders in everything from application design to service delivery. For practical results, I advise three steps that should become a continual part of your security practice:

  1. Inject yourself into initiatives. When new big data or cloud migration projects are under way, find out how to integrate security.
  2. Talk to Ops: What do they know? Integrating operations data with security data can help you prioritize and find real breaches earlier. When you integrate operational data sources with your security operations, you can identify lower-level issues before going to full alert status and prioritize resources against up-to-date business impact. That way you don’t waste resources and perhaps neglect more significant issues.
  3. Ask yourself, “What can we automate?” Within the SOC, what can you do to better manage the overwhelming flood of alerts? Automating the triage of smaller issues, or ones more easily remediated, makes a tremendous difference.

 

The bottom line of all of this is that you have to reach across the aisle. Security has long been a neglected stepchild, if you will, in enterprise IT. Security is everyone’s problem and we can’t continue to work in silos. Often, when I'm invited to do a security workshop, I'll enter a room of security analysts. I always ask them, “Where are the IT and application folks?” Usually, someone asks me, “Why do we need them?” The same is true when meeting with IT. I'll reply, “Well, I think you do need each other.” It's the reality of business and IT today, and leaders need to step up, to grow into that space, because IT must be one cohesive team. 

To learn more about Converged Security best practices and the results that organizations have seen from adopting them, see the Forrester paper: Converged Security: Enhance Your Security And Protect Your Digital Assets By Focusing On Use Cases, Not Technologies. Or check out our page on Converged Security Services.

 

Gerben Verstraete works in the CTO office of HPE Software Services, with a focus on BSM, security, and the transformation of IT operations. Follow him on Twitter at @GerbenVerstraet or connect with Gerben on LinkedIn. 


Chief Technologist
HP Software Professional Services