Continuous Improvement is Key to Network Security Management

Jody Brazil

Information Security is a complex problem in many ways: complex networks, complex requirements and complex technology. But it would be much more manageable if it were static. However, it is far from static. New systems are added to the network. Business requirements change frequently. And the threat landscape is extremely dynamic. Managing security in this environment is a significant challenge.

A key to successful security management and in turn effective security is understanding the current state of your security posture. Complexity inherently introduces mistakes, gaps and obscures them at the same time. For example, a firewall, implemented with the specific purpose of limiting risk by controlling access, often has configurations so complicated that it is impossible to understand what access is being allowed. And if it is impossible to understand what access is being allowed, it is impossible to understand the risk it is limiting or exposing. Helping analyze these complex configurations and provide visibility into what access is being allowed or denied has been a key value of Security Manager for over a decade.

But it takes more than occasional analysis to ensure effective security. With the near-constant changes happening in the network and the dynamic threat landscape, continuous assessment is required. Establishing controls, definitions of correct or incorrect configuration or behavior, and continually evaluating the security of the network against those controls is the most effective way to automate this analysis. What you do with this analysis is what separates truly effective security organizations from the rest.

Improving security requires more than just fixing what is broke. It requires measuring the effectiveness of security operations; technology, people and processes. Continually assessing the security controls defined and measuring the results over time creates a framework to measure security operations. Setting the expectation that improvement is the goal will result in improved security.

Better Security through Better Management.