How Automation Can Help Security Policy Optimization


            Why aren’t our security policies optimized?

            By Erez Tadmor, Field CTO, Tufin


            One of the recurring questions we hear from network security leaders is “why aren’t our security policies
            optimized?”  The answer, however,  is far from simple.  The truth is that a myriad  of factors  converge to
            create a challenging landscape where optimization becomes a daunting task.
            To understand how to solve a problem, you first need to understand what is causing the problem in the
            first place. That’s basic troubleshooting  101 - and it’s as true for cybersecurity as it is for any industry.

            Common Security Policy Issues


            Let’s  run down  the checklist  of  common  issues  that could  impact  overall  security  policy  adoption  and
            adherence:

               •  Volume: One of the foremost challenges stems from the sheer volume of network security con-
                   trols.  These  controls,  such  as a firewall  or  security  group,  are each  adorned  with  hundreds  to
                   thousands of access rules. Adjustments  become difficult as the rules themselves are often scat-
                   tered across various locations  - and teams have to take into consideration  the impact a change
                   to one rule may have on another.






            Cyber Defense eMagazine – August 2024 Edition                                                                                                                                                                                                          57
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.