Digital transformation, hybrid or remote work, bring you own devices, shadow IT – business transformation is anything but static and cybersecurity teams are facing the brunt of it as guardians of the enterprise. How do security teams, already hampered with budget and resource constraints, stay ahead to deliver on their risk reduction and resiliency objectives in an already dynamic environment threatened by an increasingly nefarious threat landscape? Is it possible to have a best-in-class security operation center while meeting these demands?

Download the Best-in-Class Security Operations eBook >

Innovative Security Leaders Are Finding Ways Ahead

Larry Trittschuh, Executive VP and CSO at HealthEquity and Col. John Burger, CISO at ReliaQuest provided their insights and guidance on how to forge security operations that are best-in-class to meet today’s demands. They should know – HealthEquity is one of the leading non-bank health savings trustees with approximately 3,500 teammates across the US and ReliaQuest force multiplies security operations for over 250 organizations worldwide. They face off against major threats – ransomware, data exfiltration and business disruption – every day.

What is The Basis For a Best-in-Class Security Program?

They both agree it should be risk-based. There are no shortcuts – design your program based on your business needs and focus on outcomes to protect your business and its high value assets, they said. Both bring risk management experiences as veterans – Larry at the US Air Force and Col. Burger having run security operations at United States Central Command – and apply those principles here. They advise their security operations to focus on the most important risks in the context of their business and the credible threats that target companies for a specific purpose. You cannot and need not chase anything and everything. Having that focus is your best chance at success.

Are Your Security Tools Ineffective?

Today, enterprises are overwhelmed with disparate security tools – built out over time in hopes of reducing gaps in coverage but in many cases, actually increasing risk through fragmented focus. The two security leaders talked about a pragmatic approach to security technology investments – not that tools are ineffective but to understand their requirements and performance as part of your program.

While there is no single silver-bullet, both agreed that visibility and automation are key to reducing alert fatigue, increasing analyst productivity and ultimately driving desired outcomes—reducing risk and investing in the right areas. Larry further added visibility and automation help his team be proactive – including use ReliaQuest’s security operations platform GreyMatter. He automates wherever he can to relieve his team from the low value tasks, removing the tedium. He believes what Col. Burger calls ‘low brain, high carb” activities can be automated to enable every SOC analyst to do more proactive business value functions.

Download the Best-in-Class Security Operations eBook >