Cyber Resilience is a question of good SecureOps, not tools

Dirk
Dirk Schrader (CISSP/CISM)
Global VP of Marketing
NNT - New Net Technologies

Cyber Resilience is a question of good SecureOps, not of good tools.

It should be simple right? Deploy the right, cool tools that the cyber security vendors promote and sit back basking in a safe and secure world!

If only that were true but sadly, as we all know too well, incidents happen, companies still get breached and the question remains ‘Why?’.

Part of the answer is: Operations; or – to be more precise – the lack of good security operations. Cyber Security is a process not a set of tools!

Traditional gaps still exist, for example between IT Service Management, IT Helpdesk and IT Security. ITSM needs to keep IT running and as long as IT does run it’s fine whereas IT Security wants to win the constant battle of keeping systems in a secure state, asking for patches and updates installed in near real-time, thus interrupting a running system. As their objectives differ, aligned operations are the key to increase an organization’s cyber resilience, its ability to withstand attacks, to master the impact should one hit, and to return to a normal or even improved state.

Achieving this goal is further hindered by the existing asymmetry between defenders and attackers. In a regular enterprise you will find dozens of different devices, operating systems, applications, databases, networking devices – you name it – which have to be kept in shape by IT Security and kept running by ITSM alike. Their knowledge and ability to keeps things tied together and orchestrated is stretched with each and every new system and digital process. And there will be many when a company decides to move forward into digitalization of business models and business processes.

The opposite is true for the attacker’s. For them it is the one vulnerable system they need to get in, to exploit and infiltrate. They can wait for the new RCE vulnerability being published (like PrintNightmare) or use malware-as-a-service (like REvil) to come back and see whether the defenders have missed it.

A new facet of ransomware attacks appears to have established itself, born out of an ‘abundance of caution’. Companies detecting a suspected ransomware attack are opting to shut down entire global IP networks early to prevent any serious harm. It seems that organizations lack the confidence to detect a potential attack, leading to drastic – and often unnecessary - wholesale action in response, which only increases the stakes and adds to the pressure.

That is why SecureOps is needed, why SecureOps-as-a-Service will help enterprises to increase their cyber resilience.

Secure operations need to be effective to support an organization’s cyber resilience, a fact that is supported by a Ponemon research regarding SOCs in which the effectiveness of them is still rated as low. That verdict is mainly based on a visibility problem, seeing the important data points only and seeing them as quick as possible.

SecureOps-as-Service is designed to help NNT’s customer achieve effectiveness and efficiency in their security operations. It does so by going through two stages.

In stage 1, the service will help an organization to understand the largely unpredictable element of change noise and prepare its change control best practice process to include a security perspective. Integration with existing ITSM tools or process provides a unique view of ‘what good looks like’ as it relates to the activity, we should see within our production environments. Operations providing security with invaluable insight – SecureOps!

In stage 2, the most important component of an effective Change Control operations, the closed-loop, intelligent control of all changes is introduced and its power to automatically analyze and evaluate all change activity ensures that changes are validated as being implemented accurately, and only as approved. Arguably the only way to protect from advanced threats such as Zero Day malware is to analyze changes for authenticity. SecureOps as a Service arms you with the process and tools to make sure you are fully equipped to do so!

SecureOps as a Service is described in more details here. It will help you in many more aspects of cyber resilience.

Cloud and Container Security
The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

Netwrix
6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)


[email protected]
 

United Kingdom

Netwrix
5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023


 [email protected]
Information
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.