No matter how big or small your enterprise is, or how talented your security team is, communication between the Infrastructure and Security teams is critical. Let me explain.
Even with a mature change management program, I am always amazed at how complex technology really is. If a security team has email alerts set up for the SIEM and other logging systems, and the Infrastructure team makes an otherwise “unknown” change to lock down the mail relay, all of a sudden security alerts are no longer being sent. And you don’t receive an alert that the alerts aren’t working. Thankfully, if you have a baseline set of alerts that your analysts expect to receive each day and they don’t receive them, that should trigger someone on the team to question what’s wrong.
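The baseline idea above can be checked mechanically rather than relying on an analyst to notice a quiet inbox. The following is an added example, not code from the original post: it assumes you can export a record of which alert emails actually arrived (here a constructed in-memory list) and a baseline of how many deliveries each alert source should produce per day. It flags sources that fell below their minimum and, when the whole mailbox has gone quiet at once, points at the delivery path (the mail relay scenario) rather than at any single sensor.

```python
"""Expected-alert baseline check: a dead man's switch for alert delivery.

Added example, not part of the original post. All names, thresholds and
sample records below are constructed for illustration.
"""
from datetime import datetime, timedelta, timezone

# Constructed baseline: alert source -> minimum deliveries expected per 24h window.
BASELINE = {
    "siem-failed-logins": 1,
    "ids-signature-hits": 1,
    "dlp-policy-violations": 1,
    "siem-heartbeat": 24,  # the SIEM mails a heartbeat every hour
}

# Constructed sample of what the analysts' mailbox actually received on 2024-05-01.
# After the 09:45 delivery nothing further arrives: the mail relay was locked down.
RECEIVED = [
    {"source": "siem-failed-logins", "received_at": "2024-05-01T08:12:00+00:00"},
    {"source": "ids-signature-hits", "received_at": "2024-05-01T09:45:00+00:00"},
] + [
    {"source": "siem-heartbeat", "received_at": f"2024-05-01T{h:02d}:00:00+00:00"}
    for h in range(0, 10)
]

# Constructed "current time" for the worked example: the start of the next day.
EXAMPLE_NOW = datetime(2024, 5, 2, tzinfo=timezone.utc)


def _ts(rec):
    """Parse the ISO-8601 receipt timestamp of one delivery record."""
    return datetime.fromisoformat(rec["received_at"])


def count_deliveries(received, window_start, window_end):
    """Count deliveries per source whose receipt time falls in [window_start, window_end)."""
    counts = {}
    for rec in received:
        if window_start <= _ts(rec) < window_end:
            counts[rec["source"]] = counts.get(rec["source"], 0) + 1
    return counts


def find_silent_sources(baseline, received, now, window=timedelta(hours=24)):
    """Return {source: (expected_minimum, actual_count)} for every source below its baseline."""
    counts = count_deliveries(received, now - window, now)
    return {
        source: (minimum, counts.get(source, 0))
        for source, minimum in baseline.items()
        if counts.get(source, 0) < minimum
    }


def delivery_gap(received, now):
    """Time since the most recent delivery of any alert at all; None if nothing was received."""
    if not received:
        return None
    return now - max(_ts(rec) for rec in received)


def assess(baseline, received, now, window=timedelta(hours=24), max_gap=timedelta(hours=2)):
    """Classify the situation.

    "ok"            every baseline source met its minimum
    "source"        some sources are short, but other alerts are still arriving,
                    so the gap is most likely in that sensor or its rule
    "delivery-path" sources are short AND the whole mailbox has been quiet longer
                    than max_gap, which points at the shared path (mail relay,
                    SMTP credentials, mailbox rules) rather than any one tool
    """
    silent = find_silent_sources(baseline, received, now, window)
    gap = delivery_gap(received, now)
    if not silent:
        return "ok", silent, gap
    if gap is None or gap > max_gap:
        return "delivery-path", silent, gap
    return "source", silent, gap


if __name__ == "__main__":
    verdict, silent, gap = assess(BASELINE, RECEIVED, EXAMPLE_NOW)
    print(f"verdict: {verdict}; nothing received for {gap}")
    for source, (expected, actual) in silent.items():
        print(f"  {source}: expected >= {expected} in the last 24h, got {actual}")
```

Run on a schedule from a host that is not itself dependent on the mail relay (otherwise its own warning would be lost the same way), and route the verdict through a second channel such as a chat webhook or a ticket. The "delivery-path" verdict is the one that matters for the change-management gap described above: individual sensors going quiet is routine, but every source going quiet at the same moment is almost always an infrastructure change rather than a quiet day.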
A security team with all the fancy tools (DLP, IDS, SIEM, etc.) is only as good as the analysts watching them!