Source: securityboulevard.com – Author: Michael Vizard
Blameless is making it simpler for security operations (SecOps) teams to manage multiple conversations across the Slack instant messaging platform while securely mapping to its incident management platform.
Alex Greer, senior product manager for Blameless, said an update to the Blameless platform makes it possible to deploy multiple bots across a single instance of Slack. This helps ensure security incidents are only seen and discussed via Slack by authorized members of the security operating team, he added.
Slack as an alternative to email has become heavily relied on to manage requests for IT workflows within a wide range of organizations. However, as a cloud platform, sensitive data involving a security incident might inadvertently be shared within a channel that is managing multiple processes. The Blameless incident management platform update includes a Slack bot that helps ensure data pertaining to any given cybersecurity incident is only shared via a specific channel, said Greer.
This is critical, as the usage of Slack across an organization grows there is a natural tendency to create thousands of communication channels that are often not well governed. The likelihood that confidential information shared by a small team could find its way into the wrong Slack channel due to human error is high.
These issues are being increasingly addressed within the tools and workflows that IT operations teams employ as they assume more responsibility for SecOps. Cybersecurity teams, however, want to be certain that the data being shared is limited to as few people as possible. A report needs to be filed that describes in detail what the root cause of the cybersecurity issue was, and more importantly what steps were taken to resolve it. That information needs to remain confidential as cybercriminals could use it to stall any remediation efforts being made.
Additionally, internal cultural issues involving workflows need to be addressed. Most IT organizations manage IT based on the ITIL framework. However, other organizations have embraced DevOps best practices to manage IT incidents more adroitly. Cybersecurity teams need to be conscious of the approaches being employed in any one organization to ensure incidents involving data breaches are prioritized. Most IT teams are managing multiple incidents at any given time. A data breach that needs immediate attention can be overlooked if, for example, the level of priority assigned is too low.
Incident management doesn’t always get the level of attention it deserves which can be problematic as with remediation time is always of the essence. The challenge as far as any change management process involving IT is concerned is the devil is always in the details.
Recent Articles By Author
Original Post URL: https://securityboulevard.com/2023/08/blameless-locks-down-security-incident-management-over-slack/
Category & Tags: Cloud Security,Data Security,Featured,Incident Response,News,Security Boulevard (Original),Spotlight,incident management,platform security – Cloud Security,Data Security,Featured,Incident Response,News,Security Boulevard (Original),Spotlight,incident management,platform security
