Mediaboss Marketing

Todays columnist, Mark Kerrison of New Net Technologies, invokes David Bowie to get the point across that the vast majority of security issues are tied to changes. luvhermit CreativeCommons Credit: CC PDM 1.0

Despite his one-time appearance in the film The Prestige as Nikola Tesla, its unlikely David Bowie spent much of his time studying up on the challenges of technology. Still, he seemed to know what he was talking about when the glam rock and fashion icon encouraged us to Turn and Face the Strange, Ch-Ch-Changes. Bowie would fully understand that all data breaches or malware vectors are tied to changes. Facing those changes with a proper change control implementation has become so crucial for that very reason: Any change that slips by the team could introduce a malware disaster.

Gartner reports that 85 percent of all problems faced by IT teams, whether theyre operational or security, are often tracked to some form of change. They likewise predict that 90 percent of security breaches could have been detected with an effective change and configuration management process. Given that the average Mean Time to Detect (MTTD) a data breach runs about 190 days after infiltration, the longer a firm goes without a fully-implemented change control process, the more likely they are to suffer a devastating breach or even a ransomware attack. To properly implement change control, companies must start by understanding it.

This technology lets security teams identify changes in any environment so that any changes that represent a threat or open software up to a vulnerability are correctly identified as such. Unlike change management, which focuses on a given companys process in introducing change, in change control security teams understand what those changes are and their effect on the software environment.

Consider a zero-day attack, which by its nature can bypass whitelists and firewalls. The malware may go undetected, but the underlying changes to existing functions which enable that malware must occur. Change management helps firms avoid unexpected changes, but its in the realm of change control that they can determine those unexpected changes and deal with them.

We can identify these changes in four essential types:

Effective change control analyzes all changes, discerning between those that were harmless and ideally approved and those that were neither approved nor harmless. There are a few critical integrations an effective solution should leverage. Security teams should integrate data from change management into the change control solution. They need to empower that solution with analysis and Threat Intelligence to learn the patterns and behaviors of good changes, so that the team can reduce change noise and they can assess unexpected changes and assigned risk context.

Once detecting those risk-associated changes, an effective technology should offer remediation, using that risk context to help operations teams prioritize in the remediation process. Leveraging intelligent change control products and processes will better protect organizations from a breach, and also help spot potential breaches and contribute to enhanced IT operations.

Mark Kerrison, chief executive officer, New Net Technologies

Here is the original post:
Turn to face the 'ch-ch-changes' of change control | SC Media - SC Magazine