SecOps Reactions to Ongoing Cybersecurity Challenges

June 19, 2019 - Marc Chenn

A few weeks ago I provided a 2018 year in review for cybersecurity challenges and incidents. Bottom line, 2018 wasn’t great. Considering several trends, the state of IT security is going to get worse before it gets better, unless business, IT and security leaders intervene.

At the root of the issue is cybersecurity hygiene. Our security and IT teams know how to protect digital infrastructure and data, but this protection needs to be a priority for the business. The security effort must be resourced appropriately.

In my most recent post, I outlined the five steps to good cybersecurity hygiene, with each step oriented toward a common theme: intelligent automation of security and compliance tasks. As First Data’s VP Amaya Souarez said in her SaltConf18 keynote, “You can’t hire yourself out of this problem, we have to automate.” We need secops reactions to production-scale threats.

Mehul Revankar makes a similar argument in an article in The New Stack. “Better Defense Against Spectre and Everything Else with Infrastructure Hardening,” references a patch cycle that must evolve from find-and-fix to “continuous compliance.”

Intelligent scalability

To help digital business achieve continuous compliance, a SecOps solution should deliver intelligent and scalable automation and orchestration. It should support consensus security policy, map to organizational process, and promote a collaborative and accountable culture of security practices between security and IT operations teams.

To secure complex infrastructure at scale, SecOps orchestration and automation must effectively integrate people, policy, process, and business priorities. This is so much more than just policy compliance scans or patch management. Cybersecurity must be built into the DNA of a business. It must work for the business to protect its employees, data, and customers.

Nathan Newton of IBM Cloud recently shared how he–with just 12 network engineers on his team– is able to effectively manage and secure more than 70,000 network devices. IBM Cloud has tens of thousands of Cisco, Arista, and Juniper network switches spread across 80 data centers around the world. Nathan said, “We couldn’t configure them manually. We needed to be more proactive and have better, more scalable automation.”

The scale Nathan refers to is both human and technological. SaltStack intelligent automation controls massive infrastructure, but also helps IBM Cloud amplify the amazing ability and intelligence of their security and operations team members.

Working with our customers, we at SaltStack discovered a substantial disconnect between security and IT operations functions. Not surprisingly, this disconnect is detrimental to the business. SaltStack SecOps tackles this disconnect head on and is specifically designed to make excellent cybersecurity hygiene possible at scale.

Automation for Compliance

SalStack SecOps can help security and compliance teams create custom policies or leverage existing standards such as CIS Benchmarks, continuously scan infrastructure for any deviation from gold-standard configurations, and automatically fix non-compliant or misconfigured systems.

SaltStack is utilized at the Department of Defense to help keep Linux servers compliant with rigorous DoD standards. SaltStack intelligent automation sequentially automates the application of various configuration policies and security tasks to help protect this unique and complex infrastructure.

In essence, SaltStack SecOps amplifies the foresight of security teams, marries their vision with IT operations teams, and amplifies the ability of IT teams to execute positive change and deliver continuous compliance for IT infrastructure.

SaltStack intelligent automation and orchestration makes digital infrastructure security at scale possible. Business leaders must now make IT security a priority. They must give it the attention and rigor it deserves. Actively become part of the cybersecurity solution and give your security and IT teams the automation they need to deliver continuous compliance for your digital business.