Security Operations and IT Operations: Finding the Path to Collaboration


April 2017

COMMENTARY

What Your SecOps Team Can (and Should) Do

If your organization has all these pieces in place, congratulations!

Chris Crowley, Independent Consultant, Montance

The security operations (SecOps) function takes many forms. For some organizations, it is simply an incident and event management device. Others have a more elaborate concept of their SecOps strategies and technologies. But most companies I've worked with, both small and global, lack adequate clarity for SecOps objectives.

SecOps manifests in many ways, but it's likely to be administered via a cybersecurity operations center (CSOC or SOC) of some sort. For those companies that do have a clear picture of what they should be doing, execution of that vision immediately and on an ongoing basis will be the next challenge.

What follows is a picture of what fully operational security operations can do. Designing, building, and operating with ongoing optimization of performance and maturity is the program I develop fully in my SANS management course. If your organization has these functional capabilities; technology, people, and processes in place to accomplish these objectives; and an ongoing dialogue with the business for maturity, then congratulations! You and your team are among the global elite.

Security Operations and Functions

My definition of security operations is the ongoing protection of an organization's information assets. This covers the people, systems, and data entrusted to the organization. SecOps is a support function to the business operations, and it should be fully integrated with those operations. To that end, I use several functional areas to explain what complete security operations entails.

The groups below are functional areas. Some companies will combine these groups, and some will have distinct organizational units. But the functional capability is what is important.
