When you work for the office of your organization’s chief information security officer (CISO), time is not your friend. In 2015, the average time from compromise to discovery of a security incident was 146 days. That figure dropped to 99 days in 2016. Even so, the pressure is still on for organizations to do more with less when it comes to strengthening their security posture.
Many enterprises choose or design a security solution to help boost their digital defenses. This course of action is ultimately harder than it sounds. Here’s why:
Limited and/or Inconsistent Resources
Under the ongoing skills gap of trained infosec talent, trained security personnel are in high demand but are oftentimes forced to focus on tactics matters. The desire to make more strategic decisions could induce them to look for greener pastures. This tendency makes it difficult for organizations to generate the necessary expertise among their digital security teams.
But limited resources are only half the problem. In-staff resources who have sufficient experience to monitor a file integrity monitoring (FIM)/security configuration management (SCM) program oftentimes find themselves dedicating their focus to other matters like new projects or an unexpected security incident. These detours of attention cause the value of that program to dip and personnel to lose knowledge that they must work to regain after they’ve returned to the program…that is, if they don’t leave for another security firm. In that case, the company faces a long road to figuring out how the system is configured, hiring someone new, and providing them with adequate training so that they can manage the program.
Costs Add up for a Security Solution
It’s difficult enough to find the necessary talent to manage a homegrown FIM/SCM system. Unfortunately, cost isn’t an inconsequential consideration, either. Aside from the fact that information (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Todd Bunker. Read the original post at: https://www.tripwire.com/state-of-security/risk-based-security-for-executives/connecting-security-to-the-business/expertops-security-less-time/