Thesis: The best tools to improve and maintain effective security management operations do not necessarily involve the latest, most expensive commercial products or overly-complex systems; instead, they are rooted in solid understanding of all hardware and software, having the right tools on hand at the right time, taking account of the large role of ‘human error' in security failures, having a plan in place in the event of security failure, and having fully-prepared employees.
Body
I. While there is clearly a place for the ‘latest and best' security solutions in the form of sophisticated commercial and open source software, as well as (for example) highly-automated configurations, the most important element of effective security is knowledge of the systems in place.
A. There must be clear, written, universally-distribution security policies (examples of failures in this area can go here).
B. must be a complete inventory of all hardware and software, including cabling layouts and device locations, including documentation.
C. A simple and comprehensible organization, addressing and subnetting map.
II. There must be full awareness of actions to take and procedures to follow in the event of a security issue (breach, etc.).
A. Well-established troubleshooting guidelines built into training.
B. Well-established and universally-understood backup and restoration procedures.
C. A clear emergency ‘continuity-of-operations' and recovery strategy in the event of a major ‘hack,' disruption, etc. (case study, example here of failures in the past).
D. Heavy focus on training, individual skill, resourcefulness, etc., with an eye to what motivates and de-motivates employees in the area of security compliance; focus on the role of management in setting the tone, of employee psychology, of concepts of reward and punishment for security compliance/transgressions.
III. There must be continual, comprehensive assessment of hardware and software vulnerabilities and the merits of alternatives (i.e. new products and services).
A. While new hardware and software solutions can be attractive, and in many cases offer genuine advantages, the strength of ‘off the shelf' solutions--combined with the strategies noted above--is often underestimated.
B. Value is located most often in products and services (and the companies that offer them) with proven track records, a good ‘word of mouth' reputation, a dedication to innovation and ‘staying ahead of the game.'
C. ‘Flash' and style should not obscure the value of some open source security contenders that, properly ‘tweaked,' provide enormous financial savings and reliability when blended with the training safeguards noted above.