Security Means Managing What You Already Own First

By Eric Noonan • December 11, 2014

A trend that I have picked up on in conversations with CIO’s, CISO’s and other leaders responsible for securing the enterprise is the huge gap between what they need and what many vendors are marketing. Security leaders in the trenches need solutions to optimize and integrate existing tool investments, manage security capabilities in a coordinated way, and a means for engaging in business conversations about the security they deliver. Vendors seem focused on marketing the future and selling more capability into already resource-strapped security teams that can’t even effectively use the tools they already own due to an under-investment in people and process.

Instead of buying more “stuff”  to manage I’d suggest finding a way to measure and manage what you already own. What’s that look like?

Focus on the things you have control over, for example, privileged accounts. Instead of academic discussions around data classification (you know with all the re-organizations and M&A activity you are never going to get there) put your energy into identifying, reducing and then managing your privileged accounts. You own and control your privileged accounts and they are exploited in 100% of the attacks you are most worried about so before you buy that next-generation firewall make sure you’ve taken care of the fundamentals.

Another opportunity to seize today in lieu of investing in the unknown future is vulnerability management. Your effectiveness at vulnerability management has a direct impact on nearly every other part of the security organization you manage. No process for patch management:  expect to spend more on incident response. Scanning only a portion of your environment: expect more alerts for your Security Operations Center team to manage. There is a direct correlation between resources consumed in other areas of security and your investment in vulnerability management. It’s another example of managing what you already own before you try to ingest another tool without adding any engineers or process.

I’m not suggesting that CIO’s and CISO’s shouldn’t be trying to “see around corners” and prepare for the future but the amount of hype about what’s next taking away the focus from managing today.

CyberSheath Blog

How to Safeguard Your Company from Phishing

Email is so ubiquitous in our everyday lives that it can be a challenge to always be on guard when receiving messages. Each day it’s not unheard of for each member of your team to have hundreds of messages land in their inbox. How do you make sure that none…

3 Tools to Help Defend Your IT Infrastructure from Threats

With the continually evolving threat landscape and the prevalence of team members working from home, it is more important than ever to be proactive with how your company is protecting itself from cyberattacks.  CyberSheath can help. We offer services to build on all the great work you have already done…

DNS Filtering for Additional Protection of IT Systems

Phase one of securing your IT infrastructure should include protecting your endpoints and safeguarding your employees from phishing attempts. After you have implemented these controls, the next logical step is to launch a DNS filtering solution.   What is DNS filtering and why do you need it? Domain name server…

Our Trusted Partners

Tenable Microsoft Siemplify KnowBe4 ConnectWise DUO