The following is a guest article from Kurt De Ruwe, CIO at Signify.
As strange as it may sound, I admire hackers. Their level of ingenuity and innovation is really quite amazing and their ability to continuously and rapidly evolve is astonishing.
However, I also know this means we as security professionals must innovate and evolve at the same pace or faster. Just as hackers discover and respond to new information and tools, we must, at the very least, match their play.
Securing the modern business is a relentless pursuit and can sometimes feel impossible as the pace of threats seems to accelerate every day. While no organization can legitimately claim to be 100% protected, it's imperative that we do everything we know how to do to minimize the risk.
But gaining an advantage in this arms race can be daunting. There's no shortage of tools and solutions on the market claiming to be the answer to all security needs.
The truth is that without the right strategies in place for managing the IT landscape — and the IT organization — deploying every tool on the market won't save a business. Cross-departmental communication between IT security and IT operations is critical in getting organizations on the same page, and it's an area where businesses struggle.
According to a study from 1E, "Getting Your House in Order," 70% of IT security and IT operations professionals said their organization is challenged by a lack of understanding between the two teams about how the other works and a lack of collaboration. Only one-fourth said they communicate and collaborate extremely well.
But clearly, IT security and IT operations teams recognize the missed opportunity: in the same survey, 62% pointed to better communication across departments as the number one factor in closing the gap between the two teams.
In fact, closing that gap is a critical, primary factor in maximizing security posture and minimizing risk.
Without these two departments working together, the lack of concerted effort creates conflict, territorialism and blame. But, when these teams come together, the cohesive effort creates a broader, more comprehensive and effective approach.
The source of the divide
In many organizations, the two sides just don't see eye to eye on goals.
Security's mission is the "Holy Grail": maximum protection that's more secure than the White House, the Pentagon and the NSA.
Meanwhile, operations is focused on cost reduction and automation and doesn't see the need to go to that extreme. Not to mention, it's also not very pragmatic. When security gets in the way of productivity, users get annoyed and operations often bears the brunt of the complaints.
This disconnect also means that when problems occur, it often leads to blame and finger-pointing between the two teams.
Both teams play a critical role in protecting the organization, and in fact, 77% of IT professionals say their organization would be significantly safer if IT security and IT operations teams were better aligned.
That's why ensuring collaboration and cooperation between the two is critical for protection and response. By aligning on the goals for the organization and the tool set — as well as sharing the responsibility, information and strategies — the entire IT organization can be much more effective.
Bridging the gap
At Signify, we achieve this by not only aligning on our priorities and jointly defining our security protocols, but also creating multifunctional teams that meet frequently to proactively address issues and work together on solutions.
We also form ad hoc teams when issues arise to handle those with specific focus. By creating this structured and unstructured interaction, our IT security and operations teams can stay on the same page about needs and priorities.
As a team, we've decided that protecting our data and applications is more important than protecting the perimeter. So, we've aligned on strategies to achieve that.
Standardizing on Microsoft solutions
When we split out from Philips, we purposefully chose this route. We figured that if Microsoft can run with only Microsoft tools, we can too.
So, we've adopted the full suite: Windows 10, Defender, encryption, Azure Active Directory, Azure data protection and Intune. This way we're all working on the same page.
It took us more than a year to fully migrate from Windows 7 to Windows 10, but getting it done not only puts businesses on the most secure Windows OS, it also puts every endpoint on the same level playing field.
Make updates and patches mandatory
We know that keeping our systems secure means full compliance with applying the latest patches as soon as they're released. In our organization, that means users cannot refuse updates.
We use the automated update process of Microsoft and when needed, Tachyon by 1E, to deploy and install patches enterprisewide. It happens automatically, seamlessly and quickly.
Use direct internet connectivity
Windows patches can be large — it's not uncommon for a single patch to be 5 Gb.
WAN bandwidth is limited, which makes deploying those large patches a huge drain on our resources and it slows down usability for everyone. So, we got rid of the WAN.
Now every machine is directly connected, and virtually everything lives in the cloud, from Office 365 to data and other solutions. This also solves the problem of keeping remote users up to date.
For companies that only apply patches when those devices come on site, these machines are the weakest link and the biggest risk. With everything in the cloud, and automatic deployment through a tool like Tachyon, you know every device is up to date as soon as the patch is available.
While we do have some outstanding tools at our disposal, the key to keeping our organization secure is the synergy between IT Security and Operations personnel.
By working together, sharing knowledge and solving problems jointly, we are much more proactive, responsive and secure. Adopting a similar cooperative approach can have a significant impact on the efficiency and security of any size organization.