All mature networks need a regular change management strategy invoked by a CAB-Change Advisor Board. The Network Security Team is no different.
Any scheduled or even emergency changes, should be documented and approved by the CAB. In the case of emergency changes or upgrades, the correct procedures need to be followed and all stakeholders advised on a predetermined or reasonable time frame.
For regular scheduled changes the CAB can review the reason for the change, what is changing, who will be performing the change, who will be notified and any rollback procedures including scripts thoroughly documented before implementation. Various Security Standards such as NIST, COSO, PCI mention regular change management.
The Security Team as the gatekeepers many teams, needs to make sure that they are following their own rules. This can prevent any issues in the change implementation as any affected stakeholders from other teams will be able to voice any concerns and their needs addressed before the change is to occur.
While not considered “attractive” and may even be boring to some, regular change management can greatly enhance the security posture of the Network Security Operations Team and of the company. Documenting, getting the right approvals and following the procedures correctly will make the firm more secure and compliant.