This blog post is an excerpt from GovLoop's recent report How SecOps Can Benefit Your Agency. Download the full report here.
Think of SecOps as a management approach that bridges the gap to connect security and operations teams, in much the same way that DevOps unifies software developers and operations professionals.
SecOps links the security and operations teams together to work with shared accountability, processes and tools to ensure that agencies do not have to sacrifice security to maintain a commitment to uptime and performance.
This is certainly a cultural shift for many agencies, and one that requires them to first address the conflicting priorities between security and operations teams, according to BMC. IT Leaders need to step in and demonstrate that they are all accountable for ensuring the agency and its customers are protected.
When SecOps methods are embraced, security employees can no longer simply hand off results from a vulnerability scan to operations team members and think their work is done. The goal is to keep both teams engaged in the process and provide visibility into what changes need to be made and the possible impact of those changes to other parts of the business.
When these teams don’t have an effective way to transfer and consume information, agencies can struggle to quickly remediate vulnerabilities. On average, it takes 193 days from the time an agency is aware of a vulnerability to the time it’s fixed. Another chilling statistic is that 99.9 percent of vulnerabilities exploited have had a published CVE (Common Vulnerabilities Exposure) for over a year. Rob Joyce, Chief of Tailored Access Operations at NSA said, “There’s so many more vectors that are easier, less risky and quite often more productive than [zero day excursions]. This includes, of course, known vulnerabilities for which a patch is available but the owner hasn’t installed it.”
BMC’s aim is to help agencies confidently build a strong security posture by facilitating more effective communication between security and operations, so they can quickly and accurately prioritize and remediate threats. A strong SecOps solution transforms disconnected initiatives into a single, unified, secure, and comprehensive process that accelerates vulnerability resolution, controls the cost of remediation and mitigates risk.
This capability will enable security and operations teams to become more agile and move to a proactive security position for both cloud and on-premise systems. It will also allow the teams to more readily embrace key business initiatives related to managing the impact of digital transformation, the Internet of Things, and continuous delivery of services. These are vital to the performance of the agency but create significant security concerns if they are not managed with rigorous and adaptable controls.
Centralized management solutions can help facilitate coordination and collaboration between security and operations teams. According to the BMC/Forbes study, 60 percent of the respondents reported that they want tools for automating corrective actions and 59 percent want a centralized view into vulnerabilities and remediation actions.
SecOps empowers agencies to take a comprehensive and proactive approach to security issues rather than a reactive approach. Agencies can manage by policy and automatically address security issues to protect their agencies.