• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • Latest News
  • About Us
    SEARCH
Network Security

Top 10 Ways to Achieve Agile Security

Learn how to achieve agile security through these ten tips.

April 6, 2017 Sami Laine Leave a Comment

According to Cybersecurity Ventures, worldwide spending on cybersecurity will top $1 trillion between 2017 and 2021. From the barrage of cyberattacks on enterprises to new threat vectors within networks due to the move to the cloud, CIOs and CISOs have more to consider around cybersecurity than ever before. Cloud has brought considerable benefits to business: agility, scalability, cost savings; but more often than not, security can’t keep up.

­­

Many businesses have witnessed the benefits of cloud firsthand. To enable developers to do what they want, when they want, as fast as they want, they are adopting an “always-on” culture to streamline inefficiencies and maximize productivity; however, this degree of freedom doesn’t come without security challenges.

Achieving agile security in the cloud is a challenge many companies are beginning to face as they deploy cloud environments. To create a security mindset among developers while providing security tools that matched the pace of development, businesses are using new technologies, best practices and a DevSecOps approach to accelerate innovation while maintaining security. These tactics allow developers to securely tap into cloud infrastructure and agile development without slowing innovation. Below are 10 guidelines that will help your organization achieve agile security.

Sami Laine is a Principal Technologist at CloudPassage. In the last 17 years in the internet security industry at CyberSource, PassMark Security and RSA, he has helped some of the world’s largest payment processors, retailers, banks, brokerages and enterprises fight fraud, malware and web threats and is now focused on helping companies embrace agile security practices.

  1. Change the Mindset of Dev and Ops Teams – Developer and operations teams often see security as the anchor dragging productivity in the sand. While cloud has brought these two closer together, security is often an outlier. Introduce a new perspective that demonstrates how security can keep up with the pace of development, from day one.
  2. Introduce a DevSecOps Approach to Security Teams – In order to move on projects and continuously iterate and deploy new products and solutions, enlist security teams to become “security as a service,” allowing them to operate as a supplier within your organization’s walls. Make sure rapid response teams are running 24/7, and that product security teams are aligned with the same trajectory as the rest of the organization.
  3. Standardize on Core Security Principles – To achieve an “always on” culture while maintaining an agile and secure state, aim to execute on three core security principles that map back to DevSecOps: API-driven security, security at speed, and security on-demand.
  4. Adopt “API-driven security” – Steer away from traditional security systems managed by people logging into a console. By taking the human element away from the process, your organization can establish a continuous integration methodology, which gives consistency of delivery. For example, if a security policy needed to be adjusted, you’ll only do it once, eliminating inconsistency in the system or unnecessary outages.
  5. Create a Security Rapid Response Team – Fast response times are imperative to giving a tech company competitive advantage. To enact “security at speed,” implement continuous measuring, testing and monitoring in an effort to iterate quickly.
  6. Make Use of the Cloud – To achieve “security on-demand,” deploy cloud-based technology to ensure your security posture was never static. Your organization can also work closely with leading enterprise security vendors to build scalable commercial and technical models to allow for on-demand security systems. This gives your security teams the ability to scale infrastructure up and down as needed.
  7. Deploy a Code-Driven Security Infrastructure – Security shouldn’t have to be built up from scratch over and over. Deployment of a code-driven security infrastructure allows for the repeatable and automated build and management of security systems.
  8. Prioritize Visibility and Management – Your organization will likely want to pay for what it uses rather than peak cloud usage. Work with Amazon Web Services and other vendors allows you to adopt an agile, responsive approach to infrastructure and to build dynamic commercial and support models. End-to-end visibility allows you to take a granular approach to managing configuration of open-source tools that help the security team keep track of deployment, usage and management of cloud services.
  9. Adopt Elasticity and Automation – As a central tenant of a defense in depth strategy, use an automated security solution to monitor, detect and defend at the Host level. This strategy is central to the agile approach to security, from deployment through to operations.
  10. Secure Support from Decision-Makers – Buy-in and support from key decision-makers enforces intention. To solidify its support of agile security, round up your decision makers and demonstrate support from soup to nuts. Security and speed are not mutually exclusive; if a security team isn’t agile, it can block the pace of an organization. Once the effort is supported from the top, you’ll achieve continuous and secure innovation with agile security.

Tagged With: Cyber Security

Related Content:

  • Microsoft Basic Auth Prepare: Microsoft Begins Disabling Basic Auth in Exchange…
  • Microsoft 365 Idle Session Timeout Microsoft Rolling Out Idle Session Timeout for Microsoft…
  • Cyber technology security lock on screen, network protection Why Security Technology Convergence is Crucial to Future-Proofing…
  • WatchGuard Ransomware WatchGuard: Ransomware on Pace for Record Year

Free downloadable guide you may like:

  • These 10 IT Certifications Are Critical To An IT Pro’s Success in 2022

    Here are 10 cloud, data and security certifications that we identify as critical to an IT professional’s resume in 2022 and beyond, according to a variety of sources, including Indeed, Robert Half, CompTIA and others.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Uber Advanced Technologies Group Drives its Business Forward

The guiding principle for the new Uber meeting room redesign was “invisible comfort” to ensure that everyone could maximize productivity.

Windows 11
Blueprint Series: Upgrading to Windows 11

Upgrading end users to Windows 11 could be one of the most challenging tasks IT has to face in the coming years. Although the new version is touted...

The State of the IT Department in 2022

The role of the IT professional has shifted from one that supports the business to one that is deserving of a seat at the table when it comes to ma...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2022 Emerald X, LLC. All rights reserved.