In Part 4 of our Visibility Series, we’ll wrap things up by discussing why documentation matters and how visibility helps with operations.
One of the primary things Information Technology (IT) and security teams continue to contend with are alerts. Every system has the capability to generate an alert. Is it some sort of security alert? Some sort of uptime alert? Perhaps an alert indicating that too many alerts have been generated in too short a time? Either way, the volume of alerts likely involves headaches for everyone.
“You cannot secure what you do not know.” I frequently see iterations of this phrase when it comes to cybersecurity and visibility. When a security team looks to gain insight into what is being used in their network, they won’t be able to secure what they can’t see or are not aware of. It’s here that the buzzword of Shadow IT (Information Technology) is also commonly thrown around. You can think of Shadow IT as the thing that you do not know is on the network – and therefore cannot secure.
Until recently, I had only thought of visibility as a monolithic and all-encompassing function – a “catch all” that various teams dive into when they need a clear view of what is occurring in their network. However, I’ve learned that different teams need different views into how their systems communicate across the entire enterprise. As teams grapple with the concept of what is in the environment, and what needs to be secured, “visibility” is the word everyone comes back to.