The Southern Fried Security Podcast

The Southern Fried Security Podcast is designed to be an information security podcast that fills the gap between technical security podcasts and Security Now.

Episode 192 - Security Waste

It's not just a security problem but we often add to our arsenal without fully (or even mostly) utilizing the tools that we do have.

Problems associated with this are:

  • Have more complexity in your environment
  • Needing more staff or requiring current staff to stretch themselves thin to support differing tools
  • Increased cost (capital, operational, support)
  • Information overload - even with a SIEM more data requires more analysis

    • Increased chance of missing key events
    • Increased false positives
  • What am I missing?

How do we work through this when you're not the decision maker?

  • "Operational Excellence" - Martin's story

How do we work with our vendors to ensure that we are leveraging their tools without over dependence on one tool or vendor?

Advantages of security debt

  • All eggs not in one basket
  • Ability to leverage different technology sets to catch more bad stuff
  • In a larger environment what works in one area of the network may not work well in another
  • Necessity of increased staff that has experience in other areas that can be leveraged by team