SecOps – the merging of security and IT operations to improve resilience – will become increasingly important as more organisations grapple with securing hybrid cloud environments.
This is according to Mark Chadwick, Cloud Solutions Architecture Director at Huawei Cloud South Africa, who explains that SecOps is a fusion of security (Sec) and operations (Ops), aimed at integrating security practices into the entire IT operations life cycle.
“Traditionally, security and operations teams worked in silos, leading to delays in addressing security threats and vulnerabilities. SecOps brings these teams together, fostering collaboration to proactively address security issues, improve incident response times and ensure that security is baked into all stages of IT operations, from development to deployment and maintenance,” he says.
“SecOps emphasises the importance of continuous monitoring, incident response and automation to secure IT environments more effectively. By embedding security into the operations process, organisations can more efficiently manage risks and comply with regulatory requirements, while maintaining the agility and speed needed in modern IT environments.”
Cloud environments demand SecOps
Chadwick says SecOps has become increasingly important because cloud environments are dynamic and scalable, with resources being provisioned and de-provisioned rapidly.
“This complexity requires a security approach that can keep pace with these changes, ensuring that security controls and monitoring adapt in real-time. The cloud also increases the attack surface as more resources, data and applications are exposed to the internet. SecOps ensures that these assets are continuously monitored and protected against potential threats,” he says. “In the event of a security incident, cloud environments require specialised tools and approaches to detect, investigate and respond to threats. SecOps in the cloud ensures that these capabilities are in place and can operate at the speed required by cloud environments.”
SecOps hurdles
Chadwick says while DevOps has become an established practice, SecOps adoption has lagged. “This may be due in part to the fact that introducing specialisations tends to drive a siloed approach in businesses. Because security and operations have two distinct functions, they don’t merge and work together. But operations tend to be too reactive to meet the security demands of changing environments – organisations now need to integrate the security and operations functions for more proactive SecOps,” he says.
Challenges in the way of effective SecOps include a shortage of skills and resources and an increasingly complex regulatory environment to consider, Chadwick says. “Most organisations are well versed in POPIA, but many tend to overlook other relevant legislation such as the Cybercrimes Act of 2020 and even the ECT Act,” he says. “SecOps in the cloud ensures that security policies are enforced consistently across all cloud assets, helping organisations stay compliant with regulations like GDPR, HIPAA and others.
“The cloud shared responsibility model means that cloud service providers protect the cloud infrastructure, but organisations are responsible for protecting their data, applications and configurations. SecOps helps organisations effectively manage their part of this shared responsibility. Huawei Cloud also assists customers with this, with a suite of tools and services to help them remain secure and compliant.”
Support tools for SecOps
Chadwick highlights key solutions to support SecOps teams: the Huawei Cloud security operations center (SOC) SecOps tool SecMaster for improved situational awareness, Huawei Cloud’s Data Security Center for enhanced data security and Huawei Cloud Operations Center for improved operations efficiencies and visibility.
Huawei Cloud SecMaster is a comprehensive next-generation platform providing one-stop automated security operations to safeguard cloud resources. Built on Huawei Cloud’s years of cloud security expertise, it enables integrated and automatic security operations through cloud asset management, security posture management, security information and incident management, security orchestration and automatic response, cloud security overview, simplified cloud security configuration, configurable defence policies and intelligent and fast threat detection and response.
It integrates with various Huawei Cloud services to offer unified security management.
Huawei Cloud Data Security Center (DSC) is a latest-generation cloud data security management platform that protects data assets by leveraging its data protection capabilities such as data classification, risk identification, data masking and watermark-based source tracking. This centralised platform helps protect sensitive data from unauthorised access, with granular data control, encryption for data at rest and in transit and compliance with industry standards.
Asset Map gives insight into the security status of each stage in the data security life cycle and provides constant visibility of the security status of data assets.
Huawei’s new Cloud Operations Center (COC) is a secure and efficient operations and maintenance (O&M) platform, offering one-stop, AI-powered solutions for all centralised O&M needs. It encompasses Huawei Cloud deterministic operations scenarios and features essential functionalities such as fault management, batch O&M and chaos drills, to improve cloud O&M efficiency while also ensuring security compliance. With tools for cloud resource management, monitoring and optimisation, it helps organisations ensure the availability, performance and security of their cloud infrastructure and supports proactive risk management.
Share