The Forces of Insecurity

Bernard Lambert September 13, 2021

IT security is undergoing a revolution, driven by present-day challenges and how they are overcome. What follows is some speculation about the future.

We are presently countering invasions of the communications systems, the destinations along their routes, the systems at any of those destinations, and theft of the information in those systems. It is a vigil. The most common mistake made in guarding against these things is to “bolt on” some device or system and let it do the work. The vigil is left to the robots to alert you when things go awry. A recent hack even invaded the very systems used to do such monitoring.

We are reacting to such things rather than being proactive. High-grade, highly paid help is not employed here. A NOC or SOC is set up where the labor is cheap, with fingers crossed that things won’t go wrong. Because of specialization in applications, systems, and networking, individuals seldom have the combined talents necessary and are willing to work for much less compensation. The worst I have seen was the 150 monitoring systems in a global enterprise dropping from sight without anyone knowing for a long time.

That instance was easily remedied with robots to watch the robots, along with continuous visual feeds to the NOC and enterprise management personnel. The vigil was reintroduced and easily used. What can stump everyone, once such systems begin a cascade of information coming your way, is the sheer volume of the info stream and the adverse effect it has upon the operators of the NOC or SOC. One cannot keep up with the avalanche of data. This is a self-induced attack.

In all cases, the staffing headcount has been woefully inadequate once problems arose. The “averaging” done on personnel cost neglects the real need in a real crisis. Because these happen in an instant, an organization cannot react in a timely fashion with such short staffing. Problems are not “headed off”. Some are postponed to a future project. The response is thus untimely.

My recommendation is to establish a broad-based knowledge team to install and operate this vigil in a distributed fashion. You can use a cloud, do a hybrid, or build a data center. The team you hire to handle the systems, application, networking, virtualization, cloud security, and compliance issues must have integration experience and integration skills. Yes, pay the man or woman more than fifty-five an hour.

What is your experience?