Skip to main content

How security pros can overcome operational pressures

@rogers
Security - May 29, 2017

How security pros can overcome operational pressures

Advanced security threats represent the biggest source of operational stress for Canadian IT professionals, with 25 percent listing it as their top concern, according to the 2017 Security Pressures Report from Chicago-based cybersecurity vendor Trustwave. Lack of budget is another major source of operational pressure, with 20 percent citing it as their biggest headache. The report is based on surveys of more than 1,600 IT professionals from around the globe.

In Canada, 53 percent of respondents said they felt more pressure to secure their organizations against cyberthreats in 2016 than the year before. The same amount believed they would face increased pressure in 2017.

Advanced security threats and budget

For most IT professionals, basic threats are still a bigger problem than advanced attacks, said Stewart Cawthray, General Manager of Enterprise Security at Rogers Communications. He used the recent WannaCry ransomware attack, which infected more than 250,000 Windows machines across the world, as an example.

“WannaCry wasn’t an advanced attack,” he explained. “If you had applied the patch Microsoft released in March, it wouldn’t have impacted your machines. Organizations really need to worry about basic security processes like patch management, before they address more advanced threats, because it’s more likely they’ll face a basic attack.”

However, when senior executives hear about advanced threats, they ask the IT security team how the company is dealing with them, Cawthray said.

The best way security professionals can deal with advanced threats is to create a plan showing how an organization will ultimately implement the technologies needed to combat those threats. But the core of that plan still needs to focus on fundamental, basic security practices like patch management, Cawthray noted. “The really good IT security managers are the ones who can explain how the base fundamentals will protect against advanced threats,” he said.

Time, complexity and skills

Other significant operational pressures cited in the Trustwave study include a lack of time, security product and technology complexity and a lack of in-house security skills.

Security professionals can relieve these pressures by outsourcing some of their workload, Cawthray explained.

“IT security isn’t a nine-to-five job,” he noted. “It’s a 24-hours-a-day, seven-days-a-week job.”

Almost no company has enough staff to handle 24/7 monitoring, so it makes sense to turn to a service provider to cover off-hour shifts, or handle basic threat monitoring before escalating issues to in-house staff, Cawthray said.

A service provider can also help organizations deal with product complexity. Most companies buy security products, such as firewalls, with the expectation they’ll be replaced in three to five years, Cawthray said. Unfortunately, he noted, security threats evolve at a much faster rate.

In many cases it makes more sense to turn to a service provider and purchase security as a service, Cawthray explained.

“You don’t want a provider who only offers to manage your existing products, because then you’re faced with the same problem of having obsolete hardware or software,” he said. “You want a provider who offers a service level. You tell them you want to be protected against certain things and then it’s up to the service provider to make sure you’re protected against those. Now you have a consistent operating cost for a specific level of service and the complexity is removed."