sb-as logo
Story image

Security: A miserable job?

11 Jan 2019

Article by ServiceNow chief information security officer Yuval Cohen

The security sector is a tough industry to be in – when all processes are running smoothly, security professionals are invisible. However, the moment something goes wrong, all blame is focused squarely in their direction. 

Third-party and in-house cybersecurity experts have a ton of responsibility. They work within a complex environment with real-world consequences. With a number of high profile data breaches reaching the public domain this year – with SingHealth and Securities Investors Association Singapore being the most recent targets of cyber attacks – security has quickly become one of the biggest concerns of organisations. Still, it’s easy to misunderstand the purpose of what security professionals do and see these growing procedures as an obstacle to productivity. 

It’s fair to say, in a lot of ways, this has the potential to be a very miserable job — even though it’s great in so many ways. 

A pack of sheep surrounded by wolves

State-sponsored attacks, ransomware, fake news, and targeted misinformation are all tools of war in the information age. Many of these attacks aren’t even reported by the press or known by outsiders. According to a study by ServiceNow and Ponemon Institute, Singapore organisations surveyed spent an average of 18,096 hours per year and USD $ 1,359,375 per year preventing, detecting and remediating vulnerabilities. 

The security industry can be the proverbial pack of sheep surrounded by wolves. As such, security professionals often stick together, even if they are rivals. Versus the ‘us against them’ mentality, it’s quite common for a financial firm’s security officer at a rival company to reveal they encountered a weird virus and offer to send samples or compare case studies. 

The balance of power in the equation is so lopsided when protecting data that everything security professionals do to help each other, helps the good guys. By working with peers, sharing best practices and insights empowers security teams to do a better job in defending organisations. 

Task overload

For security teams, a big part of the challenge is simply being overwhelmed by workflow management. It’s difficult to allocate resources between detection and operational capabilities, and to find the right blend of defensive and offensive posturing. 

Further, Singapore-specific insights from the ServiceNow and the Ponemon Institute revealed that: 

• 60% respondents said their organisations were at a disadvantage in responding to vulnerabilities because they still use manual processes; 

• More than half (54%) agreed that IT security spent more time navigating manual processes than responding to vulnerabilities, which led to an insurmountable response backlog and; 

• 68% attributed delays to lacking a common view of applications and assets across security and technology teams 

Getting in front of the challenge

At the end of the day, there will always be employees who open email attachments from strangers, choose obvious passwords, or use insecure communications unless they are prevented from doing so, or if technology paradigms change. Anticipating such actions to continuously take place allows security teams to be more equipped, organised and forward-looking. 

The urgency to adopt new approaches is increasing. Organisations in Singapore can apply automation to create a robust, efficient and effective security hygiene model. If a target has robust defenses, or presents more hassle to infiltrate than it’s worth, odds are the bad guys will move on to something else. More, little things such as establishing continuous tracking software patches, detecting irregular login patterns, and making it easy to report phishing attacks go a long way. 

Seamless processes are even more critical in a rapidly changing work environment. Multi-cloud environments mean it’s easier to pass the buck on blame for attacks. The rise of BYOD and shadow IT mean that new attack vectors show up every day, and security and IT have to be in constant communication. 

With the right steps, this doesn’t have to be a miserable job. Keep the lines of communication open with fellow security leaders, find signals and anomalies that matter in the endless data noise, and advocate for security experts everywhere. Getting in front of the challenge makes all the difference. 

Story image
Remote workers need to up their game to keep organisations secure
According to the study, employees' habits, including password re-use and letting family members use corporate devices, are putting critical business systems and sensitive data at risk. More
Story image
Chinks in the armour: Why the post COVID-19 cloud is easy game for cybercriminals
Now’s the time for CIOs to pause and make sure their digital transformation projects are fit for today, and the future.More
Story image
VMware & partners mobilise enterprise business continuity in times of disruption
VMware says it has taken a ‘Connect, Accelerate, Scale, and Protect’ approach to protecting businesses and supporting enterprises with their business continuity plans.More
Story image
Exabeam targets APJ with ‘significant investment’
Triples its team across the region and forms an exclusive partnership with Orca Tech in A/NZ as SIEM demand rises.More
Story image
Thycotic launches DevOps Secrets Vault solution for greater cloud security
“DevOps Secrets Vault is a cloud-based vault that balances the security and velocity that DevOps teams require for this growing part of the enterprise attack surface."More
Story image
Endace and Palo Alto Networks launch integration to empower security teams
“The combination of Cortex XSOAR’s powerful orchestration and automation capabilities with the rich network history recorded by the EndaceProbe Analytics Platform gives security operations access to the conclusive forensic evidence they need to respond quickly and accurately to threats.” More