Did you know China is having a hard time hiring hackers to meet the demand of vulnerable U.S. security systems?
Okay, well… that might be a fictional story published by satirical newspaper The Onion. But it does highlight an important point: vulnerabilities abound in computer systems, so much so that IT professionals are having a difficult time keeping up with them all.
There are a variety of reasons why there are so many security holes.
One factor is complexity. To illustrate, just think about how complicated an organization’s networks are today. Gone are the days when systems simply consisted of desktops and PCs. Now IT personnel have to worry about third-party applications, virtual machines, cloud-based services, and a whole slew of other new devices.
That doesn’t even include what security professionals must do to protect those endpoints. Sure, they can choose to focus only on compliance and simply “check the box,” but as we all know, more robust (i.e. operational) security requires that IT folks invest in continuous monitoring and risk management with the teamwork of business executives.
Without such support, IT professionals don’t have formal processes they can use to monitor changes on their organization’s endpoints. No processes mean security is bolted on and not built in from the start. And that helps no one.
So, what are companies to do?
If organizations want to truly reap the benefits of operational security, they need to be able to recognize the importance of change, i.e. the “great disruptor.” On the one hand, change can consist of an unapproved modification that signals a breach. But on the other, change is also necessary for organizations to update their endpoints and plug known vulnerabilities.
Security is, therefore, a matter of organizations staying on top of approved changes and flagging unapproved alterations.
That’s not impossible. Monitoring change is the essence of IT configuration management, or an organization’s ability to create, edit and administer IT security hardening policies in a way that fits real-world business processes.
To begin, IT personnel need to make sure they work with business executives to ensure change control processes apply to all devices, invest in automated change control capabilities, and leverage white-listing to ensure apps and systems remain secure. That type of process consists of several phases, including mapping out an organization’s assets, planning for future changes, evaluating the business risk of an alteration, and implementing the modification.
Interested in learning more about IT configuration management?
Please click here to view “Leveraging Change Control for Security,” a webcast conducted by Geoff Hancock, principal at Advanced Cybersecurity Group, and Jeff Lawson, senior director of product management at Tripwire, on the importance of change control for IT operations and cyber security.