Just Who’s Job Is Network Security Anyway?

by drjim on July 15, 2010

Who's In Charge Of Making Your Network A Safe Place?

Who’s In Charge Of Making Your Network A Safe Place?

IT Leaders hope to be able to do their work in a secure environment – the last thing that any of us want to have worry about is dealing with an attack on our servers or network from bad guys. However, have you ever stopped to wonder just who’s job it is to keep everything secure?

How Goes The Battle?

Everyone in IT knows that there is a constant struggle going on between the good guys and the bad guys. The larger the company that you work for, the more often you’ll be attacked. This means that you need to be playing your role in helping the rest of the company constantly reevaluate its security policies.

If you need some good news, here it is: most companies are getting better at dealing with the IT monsters that we now recognize – worms, viruses, and others. The bad news is that the threats continue to evolve and mutate. The bad guys just keep getting smarter.

Who’s The Target?

Should you even be worrying about this? I mean, look, you’ve got enough on your plate already – do you really have to deal with this? The folks over at CIO Insite did a survey awhile back and found out that 50% of companies that are big (revenue of over $1B) have said that their web sites and corporate data have been targeted by the bad guys.

What Should Your Role Be?

This is where things start to get tricky. For you see, everyone in IT really has a role to play in keeping the company’s IT assets secure. How an IT Leader goes about doing this can have a big impact on both their career as well as how secure the company is.

All too often, a company exists in react mode. We’ve all see how this plays out. An attack from the outside will be detected and then as many IT staffers who can be roped in are thrown into the mix in order to take the servers that are being attacked off line, make sure that all of the needed patches have been applied to the other servers, and then keep an eye out on the rest of the network in order to detect any unusual going ons.

As IT Leaders we need to realize that is exactly the wrong way to go about doing these things. What is needed is more of an automated approach to keeping the company’s severs, web sites, and network secure. The right way to do this is to establish standard procedures as well as a consistent set of company policies that get implemented in order to make sure that all of your security updates are in place. This is the key to stopping the “we’re under attack” madness.

What All Of This Means For You

Although your firm may have an IT team dedicated to network security, it is still the responsibility of every IT Leader to lend a hand in helping to keep the bad guys out.

Just exactly how to go about doing this is different at every company. In the worst case, it can mean leading a hand when an attack on the firm’s IT resources is detected. However, the smart IT Leaders deal with the problem before it shows up and create automated ways to keep IT resources secure.

Security is a part of every IT Leader’s life. Make sure that you spend the time helping to secure the company’s assets before things get bad and then you’ll be able to sleep better at night…!

– Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Management Skills™

Question For You: Who do you think should have the final say on securing the company’s IT assets?

Click here to get automatic updates when The Accidental IT Leader Blog is updated.

What We’ll Be Talking About Next Time

Quiz: what’s the best way to get your IT Leader career on the fast track to success? Answer: find yourself a good mentor. If you can find such a mentor, then you might think that you’ve got it made in the shade, so to speak. Umm, maybe not. If that mentoring relationship goes bad, your career just might be in trouble…

Be Sociable, Share!

{ 2 comments… read them below or add one }

Anton Chuvakin July 15, 2010 at 4:25 pm

This is a bit sad that you reduce “information security” to mere “network security.” It sure led more than a few companies into trouble.

Reply

Dr. Jim Anderson July 17, 2010 at 5:31 pm

Anton: ok, you’ve got me there. However, info security is a big topic and there’s only so much that you can do in a single blog posting. Would you agree that network security is a part of info security? If so, then maybe I wasn’t too far off track…

Reply

Leave a Comment

{ 1 trackback }

Previous post:

Next post: