Welcome to the Graylog September Security Series: The Other Side of Security. This will be a three-part series featuring a panel of experts offering insights on practices that can help elevate your security posture. In this first webinar, we’ll focus on “Cybersecurity vs. Security Hygiene: A Love-Hate Relationship.”
In this first session, we will discuss the ongoing struggle within IT Ops or IT Security, a kind of “Family Feud” where security hygiene and cybersecurity often clash. With the ever-evolving nature of security, balancing focus across people, processes, and technology, while developing cross-functional awareness, is crucial.
Let’s begin by introducing our panel. I’ll be your moderator and therapist, keeping things fair and on time. I’m Jeff Darrington, Senior Technical Marketing Manager here at Graylog. Joining me are Joe Gross, Director of Solution Engineering. Say hi, Joe.
Joe: Hey, Jeff!
Jeff: Fun fact: Joe was once questioned by the FBI for hacking into his university library! We also have Simon Huber, a Solution Engineer with Graylog. Say hi, Simon.
Simon: Hi!
Jeff: Now that the introductions are out of the way, let’s dive into the relationship between security hygiene and cybersecurity. Organizations all share the common challenge of being prime targets for cybercriminals. Many mistakenly equate security solely with cybersecurity, often overlooking healthy infrastructure.
Let’s start with a conversation. I’ll ask Simon to define security hygiene.
Simon: Thanks, Jeff. Security hygiene involves meticulous practices, such as ensuring only necessary ports are open, users have least-privileged access, and keeping antivirus software up to date. It’s also about regularly patching systems to address vulnerabilities and, of course, collecting the right logs from devices to detect abnormal behavior.
Jeff: Excellent! Joe, how would you define cybersecurity?
Joe: Cybersecurity is more about actively seeking threats. It involves tools like SIEM, log management, and security analytics to find the “needle in the haystack.” It’s like being a police officer patrolling the streets—constantly watching for bad actors and limiting the damage once they’re found.
Jeff: In my experience, these two sides—cybersecurity and security hygiene—can be at odds, leading to a bit of a “Family Feud.” Joe, what’s your take on this?
Joe: Cybersecurity and security hygiene are deeply interconnected. You can save a life with minimal tools, but it’s much easier in a clean operating room with proper equipment. To effectively do our job in cybersecurity, we need a clean environment, which is where security hygiene comes in. Strong passwords, closed ports, and trained users all help create that clean room. Without good hygiene, detecting real threats becomes impossible, as you can’t separate anomalies from the noise.
Simon: Absolutely! As Joe said, security hygiene forms the foundation for cybersecurity. The more hygiene measures you implement, like enforcing long passwords and closed ports, the harder it becomes to manage. That’s where the conflict arises, as security measures can sometimes feel like roadblocks to productivity.
Jeff: Great points. Now that we’ve established the relationship between these two, how can we break down the silos between cybersecurity and security hygiene to achieve a better outcome? Simon, let’s start with you.
Simon: To break down silos, we must recognize our goals and strike a balance. The more ambitious we are in detecting malicious behavior, the more constraints we encounter—whether budgetary, technological, or personnel-related. We also need to consider security earlier in the process when designing architecture and infrastructure.
Joe: Agreed. Building a security culture within the organization is key. Security teams need to understand the business’s goals, and vice versa. One effective strategy is to create a security committee involving stakeholders from different departments. Another approach is the “security business partner” model, where security professionals are embedded within departments to better understand their needs and reduce risks while maintaining efficiency.
Jeff: Excellent insights. Now let’s discuss the advantages of creating a culture of security across the whole organization. Simon, can you recap some of these benefits?
Simon: There’s really no downside to fostering a security culture. At worst, things stay the same, but at best, security improves. Embedding security into processes and having champions within different teams ensures that security is part of the organization’s DNA. It also ensures that critical assets, like Active Directory, are always monitored, and new systems are integrated into security tools from the start.
Joe: Spot on. Security isn’t a destination; it’s a discipline. By embedding security into the culture, we’re not only making it easier to prevent incidents but also reducing costs and increasing efficiency. When security is ingrained in everyday operations, it allows everyone to do their jobs more effectively without being bogged down by constant threats.
Jeff: Well said. Just like you can’t wait for a fire to install fire extinguishers, you can’t wait for a breach to implement security measures. Joe and Simon, thank you both for this great discussion. We hope this session helps organizations build a healthier relationship between security hygiene and cybersecurity.
That concludes session one. Please join us next Wednesday for our next session, “Security Analytics is a Team Sport.” Now, let’s open the floor for a Q&A.