5 Tips to Streamline Your Security Team

If you’ve ever hired security pros, then you know the current talent shortage is no joke. A recent Computerworld survey found that compensation for security specialists is growing faster than for any other role in IT (up 6.4% year-over-year in average total compensation), and the competition for talent is fierce. Finding the right talent can be a lengthy process, leaving your security hopes and dreams in limbo.

So, what’s an organization to do? Many companies are working hard to streamline security operations and answer the talent shortage with changing tactics to match the changing role of security. Organizations need to maximize the value of their security hires now more than ever. Below, we’ll cover five tips that can help you get the most out of your security team’s time and talents.

1.  Get Your DevOps Team On Board With SecOps

If your development and operations teams are already humming along in sync (hello, DevOps!), then it’s a good idea to look at how you can improve your organizational security by training up the folks who write and deploy the code that powers your products, platforms, and infrastructure. If you make security part of their responsibility and make it something that you actually measure performance on, then you’ll see your organization move forward on this front in leaps and bounds.

This starts with a mindset that must be reinforced and supported from the top down as it affects the processes, software, and other tools your DevOps team uses every day.

2. Use Tools That Bring Security Into DevOps Workflows

To get DevOps teams to integrate security into their daily tasks, you need to make it easy for them. Instead of requiring them to log into a security tool that they may not be familiar with, bring security alerting into their normal daily workflows.

For example, we’ve seen a big rise in ChatOps applications like Slack being used to insert security alerts into existing team discussions. At Threat Stack, for example, our Ops and Engineering teams are looped into security alerts via Slack so they can quickly review and discuss before logging directly into a security product — in our case, the Threat Stack dashboard. (We dog food everything.)

The less of a headache security is for your DevOps team, the more likely they are to take care of it, and in a timely and repeatable fashion. With Threat Stack, we bring context to alerts in our product, and using tools like Slack, you can easily augment that context with discussion to quickly triage and address potential issues.

3. … And Everyone Else’s Workflows Too!

Even better, integrate security functions into tools that your whole team uses, and you’ll empower them to become security ambassadors. If your entire company uses Slack for communications, set up a #security channel where they can share questions, concerns, or potential threats with the security team in real time.

Build a culture around openness and awareness of security issues, and you’ll be much more likely to stop potential breaches. You can also set up your security tools to ping users who have caused a certain alert to go off, right there on Slack. That way, they can quickly verify whether they were indeed the culprit — or not — and your security team will know whether they need to spring into action. (You can read more about how to do this here.)

Establishing more comprehensive feedback loops between your teams about security is a key element in helping them go faster, safer, and with more confidence about what they’re building.

4. Educate and Train the Whole Team

Beyond integrating security processes into daily workflows, it’s a good idea to provide basic security training for your entire team. This can take the form of a quick security course when employees first join the team. We’ll go into quite a bit more depth on security training in future blog posts, but a few areas to focus on include:

  • How to spot (and avoid) phishing and malware attempts
  • How to use organizational security measures (like two-factor authentication, single sign-on applications, or ChatOps tools like Slack)
  • Which networks are and are not secure, and how to stay secure when traveling for work
  • Best practices like signing out of computers and never connecting unfamiliar hardware

Your goal should be to have an organization-wide security IQ that is high enough to make you an unappealing target for attacks. Additionally, the more your team knows about how security works and what to do and not do, the fewer people you will need to have on your security staff to clean up messes.

5. Choose Comprehensive Security Tools

Finally, we highly recommend that you choose security tools that can provide a single pane-of-glass view into what’s going on organizationally. The more detail your security team has about what is happening on your network and across your systems, the better they can prioritize security tasks and determine what is worth their time.

Giving your security team a tool like Threat Stack that integrates well with DevOps and security operations tools like PagerDuty, Slack, VictorOps, and the full span of AWS offerings means that they will have complete visibility into any security issues that may arise. Having all your SecOps tools and systems looped into one platform will also allow your team to be much more proactive about identifying and remediating vulnerabilities before they become an issue.

With a more unified approach, you can easily grow knowledge about the security posture and patterns in your software and infrastructure, and about how your users and automation are complying with, or breaking, your policies.

Final Words . . .

We’re obviously big on security at Threat Stack, and we have a ton of respect for people who focus on security for a living. But we also know that many businesses need to maximize scarce human resources — and security is often one of the hardest roles to fill and retain.

By taking the steps above, you will help your security team to uplevel their efforts by streamlining what they must focus on each day and by giving them more room to be strategic. You will also improve your organization’s overall security by having more of your team see security as part of their responsibility.