The benefits of ITIL® in IT security


Radu Leonte

In recent years Romania and, more broadly, South East Europe have become a hotbed for international IT services. Due to the region’s Internet of Everything approach, the IT market is booming and facilities like Security Operations Centres (SOCs) and Network Operation Centres (NOCs) are emerging and evolving quickly.

In my role as Security Systems Senior Manager in one of the biggest SOCs in South East Europe, I’m responsible for delivering a range of services to protect clients across the United States and EMEA. Day-to-day, our tasks include elements such as monitoring for security incidents, forensics of breaches and risk and vulnerability management – all with the purpose of defending a company’s assets.

The value of ITIL

As security threats appear and develop in their sophistication daily, more and more companies are now investing in security. To deliver the best possible services to our clients, and in a fast-paced and changing environment, operational excellence is absolutely key. For that reason, I see ITIL as a must in an SOC: whether you’re dealing with incidents, change or problem management, its defined approach helps ensure we’re professional and business-like in the services we deliver.

Here are the ways ITIL can be used in a SOC environment:

Managing incidents

Identifying, preventing and resolving incidents is a primary role of a SOC, so ITIL’s problem management tools within Service Operations are extremely useful. Following risk analysis, the guidance then supports users in how to approach an event or problem should something occur and how to report and communicate these risks more widely.

Having these defined processes in place, along with guidance on how they link together, makes our SOC run more smoothly. It also helps to establish repeatability and predictability in scenarios that are often changeable and potentially volatile.

Learning from an event

Handling an incident is one thing, but to prevent it from occurring again it’s important to learn from what has happened. With a strong focus on Continual Service Improvement, ITIL gives us a clear and methodical structure to ensure that we record and act on the forensics we gather following an event. That way we can fine-tune processes and procedures and improve what’s already in place.

Common language

In a large and evolving SOC like ours, where there are hundreds of people employed, communication is important. ITIL helps maintain communication channels among different teams and departments by creating a common language that everyone understands. In a SOC, ITIL is essential for every employee and, at present, approximately 75% of our staff are trained to at least Foundation level.

Allocate resources

In a fast-growing SOC, managing resources is a challenge, so the capacity management guidance within ITIL is very useful in helping us to plan out different activities and allocate resources effectively. Using the processes, we can ensure we’re maintaining the necessary coverage and delivering the support our clients need to protect their assets.

See our ITIL section for more information.
