Enterprise-wide network security is getting a lot of attention. Countless whitepapers, conferences and presentations focus on cybersecurity, but a fundamental element is being ignored.
“Technology alone can’t defend your network; your people must drive your security.”
Technology is only a tool; hammers don’t drive nails on their own.
It is never anyone’s intent to build systems that don’t effectively leverage the skills of their workforce, but it happens all the time.
Network analysts often spend most of their time pushing buttons and watching lights. Good analysts want to contribute, but must be empowered to do so. And if they are empowered, how easy is it to deliver value?
Approval processes can be unwieldy to the point of inaction, especially for larger enterprise networks. For example, an analyst sees a threat that could be stopped in real-time, but the firewall protocols and approval cycle operate slowly in support of the hacker. A less dramatic, but perhaps more universal, example focuses on firewall logs. Asked if they collect and store firewall logs, all organizations will answer “yes.” That number goes way down, however, when asked how many correlate those logs with other data, learn from it, and make relevant changes to their network defenses.
Organizations do not consciously seek either outcome. It’s largely just a reflection of the day-to-day realities of network defense. It’s difficult for a global enterprise operating and defending 24/7 to make fundamental transformations, no matter how essential. It is, however, being done effectively, efficiently, and with compelling benefits by working from a people-centric perspective.
Process: Knowledge management is key. Connecting analysts across a network increases their knowledge and reduces duplication of effort. The organization is driven by shared intelligence.
Skills: Look critically at the mindset and the motivation of people rather than focusing on certifications. Seek and exploit diversity. Encourage people to find a niche that supports a common goal. The pursuit of passion rarely backfires.
Tools: Focus on the tools that allow analysts to practice their craft, and allow them to drive the tools—not the other way around. Millions of dollars are spent on tools that are soon relegated to the shelf. Address issues with technology that makes sense.
“Calls to action” often are calls for funding. It’s true that most security teams are under-resourced. Prior to spending the next dollar, however, consider this: A recent Ponemon Institute survey of IT leadership in North America revealed that 90 percent of organizations polled scrapped, or never used, security technology they purchased. The next time your organization considers its network defense posture, look first at how your workforce can be leveraged most effectively. Your network—human and technological —will benefit.
Original Post: http://cyber.lockheedmartin.com/blog/technology-cant-defend-your-network-but-people-can