“What the hell does SecOps mean, really?” I’ve heard derivatives of this question numerous times. From my perspective, the short answer is: “SecOps is a movement that’s making security everyone’s problem.”
Security Operations doesn’t just involve security or IT departments. Security Operations includes your developers, HR, sales, marketing and all other business units.
It’s all teams working toward the collective goal to secure the organization.
The term “SecOps” was derived from the now infamous use of “DevOps,” but with a bit of a spin. SecOps expands its reach to all corners of the business. It is here to tell everyone that security is not just the security team’s problem. Too often we attempt to throw technology and people — and ultimately dollars — at an issue without actually going for the headshot. We see massive organizations get compromised and think either, “How could that possibly happen to them?” or “If it happened to them, we’re certainly vulnerable.”
I can tell you why most of those breaches occurred: because security just wasn’t at the top of everyone’s mind. SecOps is a culture change that should be industry-wide.
Phishing tactics shouldn’t be new. The same technique is applied whether the attacker wants W-2s or credit card numbers. This is an awareness problem, not a sophisticated attacker.
Brute Force attacks against open RDP servers should be an issue of the past (on so many levels). Not to mention the thought process that another blinking light will solve your lack of people, process, or education problem.
Why is it I always get blank stares when I mention enabling Two-Factor Authentication? It’s because we’re doing a bad job of addressing our audiences… still.
Let SecOps be the conduit through which we can start focusing on headshots!
