Page 16 - index
P. 16
It’s time that both sides of the organization – business operations and security – begin a very
important conversation to align their needs.
If there is an imbalance or lack of compromise, you increase your organization’s overall risk of
failure by creating a subculture of Shadow IT – basically technology used without explicit approval
to do so. Without unified IT management, there is no room for collaboration, not to mention
increased security risks.
There needs to be that call-to-action to both security professionals – who must define the necessary
security policies, controls and best practices, and business leaders – who need to provide full
visibility into the critical business applications that will be affected by said policies and controls.
Similarly, application owners should shape their applications with security in mind at the beginning
design stages.
A simple solution to the ‘culture of no’ is the enterprise’s adoption of successful security policy
orchestration. This type of system provides a centralized, application-driven insight into an
organization’s network, which allows clear communication of the possible business impacts of
alterations made to security controls prior to actually making the alteration.
In tandem, this would permit application owners to openly share their networking requirements and
supply the IT leaders with direct visibility into the security and compliance effects of these
applications. Adopt a ‘culture of yes!’ That way both parties can freely and effectively collaborate to
achieve the best of both worlds – security and business agility.
About the Author
As Vice President of Products, Ofer is responsible for leading Tufin’s product
strategy. With over 20 years of experience in high-tech and network security,
Ofer has an extensive background in developing innovative products which
have had a profound market impact. Previously Ofer served as Director of
Research & Strategy at Tufin. Prior to Tufin, Ofer was Senior Product Line
Manager at Check Point Software Technologies (CHKP) where he led Check
Point Security Management products and Check Point Security Appliances.
Ofer held marketing and technical positions at Check Point (CHKP), Microsoft (MSFT), Amdocs
(DOX), and served in an elite computer unit in the Israel Defense Forces (IDF). Ofer holds a BA in
Political Science and Sociology from Bar-Ilan University, an MBA from INSEAD University, and an
MA in Law from Bar Ilan University.
16 Cyber Warnings E-Magazine – September 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
