The Five Vowels for a Security Manager
“My Very Educated Mother Just Showed Us Nine Planets” remember the school days, how we used to remember the sequence of planets in terms of their distance from the sun? Or “BB ROY Of Great Britain has a Very Good Wife” that told us the resistance color codes? But somewhere as we grew up, technology jargons, business jargons and clichés replaced those interesting ways to remember things.
Within IT domain, while user facing areas like martech, social media, IoT, Big Data see some occasional light-hearted banter, security is considered too serious to ‘succumb’ to that.
It need not be. I thought we could make a small beginning by converting a security managers’ focus today to an interesting acronym. As I was working on that, I found that the swara (voice) of the security managers can be expressed by the five swara varnas (vowels) - A, E, I, O, U.
So, here are the five vowels (pancha swara, going by the fashion these days of giving a Sanskrit name) of the security managers. And they are not necessarily mutually exclusive.
Here are the five vowels and what they mean for the security manager.
Security automation today is a given. In today’s context, it serves four major objectives. The lowest hanging fruit in all automation—security is no exception—is enhanced efficiency. Two, for many tasks such as incident response and investigation, the time of response and resolution has to be really small. That requires automation. With large volume of data needed to be sifted and analysed, a human process is not just inefficient, it is prone to errors. And finally, availability of skilled manpower is a challenge. Automation allows to free up human beings from repetitive tasks even while doing it better. No surprise, from simple monitoring to advanced proactive threat detection, automation is ruling the security landscape.
Much of the automation and advanced thwart techniques are using newer technologies today technologies that did not even exist five years back. Machine learning, artificial intelligence, robotics process automation (RPA), deep learning, user behaviour analytics are areas of new technologies and their applications. The expectation today from a security manager is the same as that of a business manager—she must help the organization build a competitive advantage. A good security manager is expected to hunt for new technologies and find ways and means of making them work to create value for the organization.
As the role of a security manager changes from a task-based (read tickmark-based) implementer of tools and technologies to an outcome-based business executive, there is need for strategy. What’s more, unlike any other function in the organization, you are continuously being attacked. You have to fight them even while planning for future-proofing. Innovation is a greater need in security than in traditional IT these days.
The Holy Grail of any security manager. There is no area within IT that is so fragmented when it comes to solutions. Points solutions still rule; there is significant change in security landscape everyday requiring newer and newer solutions and even approaches to solutions, which is leading to newer players joining the party almost every day, doing one job particularly well.
While best-of-breed approach in many areas have given way to end-to-end, in security it is not just surviving but thriving. That makes orchestration such a big task in security. All the investment could come to a naught if you fail to do proper orchestration. I feel automation and orchestration have often different objectives to achieve and they should be treated separately.
Traditionally, this has never been part of a security manager’s list of tasks. But today, the realization has dawned that no matter how great you are as a professional and no matter how great tools and technologies you have got, you cannot fight the war alone.
At best, you can fight some battles. You need the entire user base to join you in the fight. That is what is achieved by user education. Today, a significant time of a security manager must go to build user awareness, promote best practices and work actively to ensure that users participate in the journey. Creating a policy is not the end of it.
I thought this would make it a bit easier for the security manager to keep her focus. When it doubts, listen to your five swaras—five vowels.
AMD intros Kria KR260 Robotics Starter Kit for Intelligent Factory of the future
AMD announced the Kria KR260 Robotics Starter Kit, the latest addition to the Kria portfol...
West Midlands Police deploys Exterro’s Cloud-based Digital Forensics Platform
The provider of Legal GRC software, Exterro Inc. announced that the West Midlands Police a...
Industry leaders layout the collaborative 5G Opportunities and capabilities for country’s digital transformation
Leading telecommunications experts and industry leaders connected and brainstormed ideas f...
VeeamON 2022 kicked off with insightful sessions on data protection
Veeam Software has kicked off its annual user conference, VeeamON 2022, delivering a rich,...
DoT, Rajasthan LSA conducts webinar on awareness for mobile tower myths and tower frauds
Department of Telecommunications (DoT), Jaipur License Service Area (LSA) organized an awa...