Common Security Pain Points for IT Admins and How to Solve Them

 
 
By Chris Preimesberger  |  Posted 2016-07-15
 
 
 
 
 
 
 
 
 
    The role of IT security administrators increasingly is changing as threats evolve. Here are some ways companies can help make their jobs a bit easier.

    Pain Point: Blind Spots

    Security executives only know a part of what's going on in their environment. Systems, data and business units are extremely siloed within large companies. Each group manages its own systems and applications. Picture an office building with security executives managing a team of security guards at the front desk. They make sure only those who should be accessing the building get access; however, once individuals are inside, the guards cannot see what all of them are doing. They cannot see if a visitor went into an office and opened a file cabinet that contained sensitive information.

    Pain Point: Broken Reporting Methods

    In Bay Dynamics' recent study, "Reporting to the Board: Where CISOs and the Board Are Missing the Mark," 81 percent of IT and security executives admitted they employ manually compiled spreadsheets to report data to the board. The manual process creates a few pain points. Security teams spend hours collecting spreadsheets from the various business units and stitching them together into one coherent data document the CISO uses to report to the board. The data often is inaccurate because manual processes enable data massaging that inherently introduces bias into the data. Measuring cyber-risk becomes an almost impossible task if security executives, other C-levels and the board are not looking at accurate data.

    Pain Point: Inefficient Security Response

    Endless notifications coming from security controls that aren't prioritized based on the value of the asset at risk and the impact of an event, coupled with limited resources, mean security executives struggle with cutting through the noise. They have invested in many security tools, yet have trouble making sense of the information coming from those tools. They view each piece of information as one pixel of a picture. Since they cannot see how all of the pixels fit together into one picture, they don't know where to start. For example, they may focus their attention on a lower-priority vulnerability while a higher-risk vulnerability is overlooked.

    Pain Point: Ineffective Communication of Cyber-Risk

    Security executives struggle with communicating cyber-risk information to the board in a traceable, understandable, contextualized way. According to the recent study, "How Boards of Directors Really Feel about Cyber Security Reports," more than half (54 percent) of board members agree or strongly agree that the data presented by security executives is too technical.

    Pain Point: Engaging Line-of-Business Leaders

    Security executives often have difficulties engaging line-of-business application owners, who govern the company's most sensitive assets but are not on the security team. Line-of-business application owners have the best understanding of the assets they govern and therefore can add the required context when something unusual is detected. Security executives must get them involved in the cyber-risk management process so they can add contextual information to notifications and alerts.

    To solve these pain points, security executives should do the following (see next four slides):

    Solution: Identify Where the Most Valuable Assets Live

    Before solving any of the previous pain points, security executives must identify their most-valued assets that, if compromised, could cause the most damage to the company. Once they figure out what those assets are, where they live and who governs them, security executives should devote the vast majority of their efforts to protecting them. That includes uncovering threats and associated vulnerabilities related to those assets and the probability of an attack. They should then apply security resources accordingly.

    Solution: Make It Easy for Line-of-Business Leaders to Participate

    Line-of-business application owners should receive a prioritized view of the top threats and vulnerabilities to the valued assets under their governance. That way they know exactly what action must be taken to protect their assets. They also should receive automated alerts if security tools flag unusual access to assets under their control. They then can notify incident responders whether they authorized the access or it is suspicious and needs immediate investigation.

    Solution: Data Collection Must Be Automated

    It's time to get rid of the spreadsheets. Security executives should implement an automated process for collecting cyber-risk data so that all stakeholders—line-of-business application owners, IT leaders, boards of directors, executives and the security team—are looking at the same cyber-risk information generated automatically. That way security executives can efficiently produce cyber-risk reports that are unbiased, traceable and actionable so that the board of directors can make informed decisions.

    Solution: Speak the Language of Risk

    Boards understand risk; security executives also must understand it. Security executives are no longer viewed as the "techies" who only manage cyber-security technology. They increasingly are viewed as risk professionals in the same light as other operational risk leaders (e.g., legal and financial). Due to this shift, security executives must change their approach. Instead of reporting about patches, misconfigurations and other technology-focused information, they should report about threats, associated vulnerabilities pertaining to their most-valued assets and the probability of those two meeting, then apply security resources accordingly. That's the language the board understands.
 

While enterprise security administrators' roles have become more complicated in recent years as they work to counteract new and more serious cyber-threats, the pain points themselves also have changed. Security executives today are like the quarterbacks of a football team: They are responsible for measuring, communicating and managing cyber-risk across the organization. They must inform their teammates where specific security weaknesses lie and then hold people accountable for taking action to remediate them. Security administrators also are responsible for informing other C-level executives and the board of directors about the current state of the company's cyber-risk affairs and how to reduce these risks. This eWEEK slide show, using research and deep industry information from risk intelligence software provider Bay Dynamics, brings to the fore some common pain points—and some suggested solutions—from executives at large national companies. How many of these do you recognize in your own security system?

 
 
 
 
 
 
 
 
 
 
 
