SecOps and the Integration of Security

Posted June 16, 2020

According to the 2020 VMWare Cybersecurity Outlook Report, 49% of IT and security respondents report their teams being understaffed. Security respondents in particular report understaffing of 48% on average. At a time when business email compromise attacks, malware attacks, insider threats and ransomware are causing increased disruption to business, organizations must remove communications barriers and integrate security roles to combat the understaffing. Based on data from IBM’s threat intelligence index, we know today’s cyber threats against businesses in the US are led by Nation-states. And the industries most targeted are financial services, healthcare, transportation and manufacturing. When security teams are understaffed and our key industries are facing rising threats from well financed and determined bad actors, we need to look at new methods of organically integrating security throughout the whole organization. Enter SecOps

What is SecOps?

SecOps is a methodology for creating a collaboration between security and operations teams to ensure the necessary tools, processes and technology are in place to keep an enterprise secure while also improving its ability to deliver. Through SecOps, security considerations are integrated into business development and operations functions every step of the way beginning from inception. You can think of SecOps as an alignment of priorities within an organization. The result is integrated security and operations teams who previously may have had separate goals of securing assets and streamlining business functions. These goals can quickly be at odds as organizations struggle to balance the need to harden systems yet remain open and accessible to internal staff, customers and vendors.

Integrating SecOps

In a traditional model, before cyberattacks were a daily concern, an IT team would implement a new system or service based on the operational needs of the organization and the security team would be left with the task of assuring the implementation is as secure as possible. In a SecOps methodology, security considerations are invoked from the beginning and help to drive the decisions around the implementation. The security team brings greater visibility to the table on vendor selection and system accessibility decisions based on insights gathered from current threat assessments across the organization. By integrating SecOps into the process from the beginning, the process is streamlined, more efficient and results in a more robust security implementation overall. Tools and technologies are joined together across the organization resulting in strong endpoint protection and optimal IT hygiene.

Proactive Security

When security considerations are integrated organization-wide through SecOps, implementing security policies becomes proactive instead of reactive. As the treat landscape can change on a daily basis, this proactive approach gives an organization a distinct advantage when striving to stay ahead of the threat curve. Issues can be identified and resolved much faster and more precisely reducing downtime. Moving from security as an afterthought to security as a core driver of business decisions improves the integrity of overall business systems and hardens defenses.

Whether your IT team is facing staffing shortages or not, integrating security goals throughout your entire organization can help reduce budgets through better planning and response.

Kyle Vinar

Kyle Vinar is Partner / President of Verus Corporation. He oversees all business operations and coaches Verus teams to continually improve on their solutions from client experience to product development and overall solution implementation. He works with all Verus resources to increase efficiencies and excellence in every aspect of their organizational roles. Kyle believes that people are the last real competitive edge that a company can have and constructing a rich culture is a vital step in running a world-class organization. Therefore he strives to create a culture within Verus that allows everyone to show up authentically and grow both personally and professionally, which in turn allows Verus Corp team members to provide clients with top-of-the-line service. Kyle helps balance strategy, capacity, and culture in such a way that has allowed Verus Corp to achieve exponential growth since he joined the company in 2013. One of Kyle’s greatest professional achievements has been in helping lay the foundation upon which Verus Corporation could be named the 2nd Best Place to Work by the Minneapolis/St. Paul Business Journal. Kyle holds a Bachelor of Science in Marketing from St. Cloud State University. He lives in Champlin with his wife and 3 children. He has enjoyed volunteering as a soccer coach for over 6 years and was the former Director of Coaching for Rebels Soccer Club. If Kyle isn’t on the sidelines of one of his children’s soccer games or in the audience of his eldest’s musicals, he can often be found cruising scenic routes on his Harley, in a deer stand, or on the golf course.