
Security Operations: The Big Picture

  • Posted on: March 26, 2014
  • Posted in: Cloud
  • Posted by: Mark Nunnikhoven (Vice President, Cloud Research)

My last few posts have looked at the impact you can expect hybrid and full cloud environments to have on your security practice. I’ve called out incident response, monitoring, and forensics as areas that can benefit from the flexibility provided by cloud environments.

But what about the big picture? How do these areas come together to form your overall security practice?

The Big Picture, Literally

Your Cloud Security Practice

This image is licensed BY-NC-SA, please share it! Feel free to link it directly at http://static.markn.ca/img/blog/cloud-security-practice.png.

This image lays out how the distinct areas of your security practice flow together. Start in the middle with “Your Business Systems” and simply move along the arrow path. At the bottom, you’ll see the foundation audit response flow. Everything in the practice adds to the audit response, which is why it’s called out at the bottom.

Changes In The Cloud

The workflow laid out in the diagram isn’t really all that different from a traditional security practice. The important differences lie in the implementation. Moving into the cloud provides the opportunity to enhance our practice with one underlying principle: automation.

Almost every one of these activities can be highly automated in the cloud. Automation comes with numerous benefits, but the major improvement is that it moves security operations firmly into the category of “business enablement.” If your business applications are deployed in a highly available, resilient manner, your security must be as well.

Automation will help you achieve that.

Take for example the deployment of the basic security controls themselves. If your application is designed to automatically scale based on user demand, your controls must automatically deploy and activate right alongside the application. If they don’t, you’re either crippling your deployment by removing the elasticity the cloud provides, or your deployment is left without security until you can manually deploy.

From a tactical point of view, automating practices like containment, recovery, analysis, audit response, and others continues the theme of ensuring that security is flexible and can leverage the power inherent in the new cloud model for operations.

Amplifier

If you can push automation into all aspects of your security practice, not only will you be seen as an “enabler” for the business, but you’ll also be able to do more with the resources you have.

If you free up your analysts from work that can be automated, you allow them time to focus on the aspects that require human, in-depth analysis (forensic and otherwise). Planning, awareness training, auditing, etc., are now not only possible, but will also continue to improve your practice.

Automation offers you the chance to finally stop reacting and to get out from behind the 8-ball. That’s something we’ve all pushed for over the years. If we embrace the possibilities and leverage the power of cloud deployments, it’s something we might actually get.
