Cybersecurity Demands an Olympic-Caliber Team
Cybersecurity is a team sport. Every player needs to work together, understand the role they play, and focus on the end goal: winning.
Effective cybersecurity involves more than just technology. Safeguarding your organization requires communication, planning and alignment among key stakeholders.
Understandably, business leaders want to be familiar with their company’s cybersecurity strategy and be apprised of the most impactful cyber incidents – and get involved when needed. But executives will need help in understanding the strategy, staying up to date on evolving situations, and knowing their role in case of a cyber incident.
Last year, Gartner, Inc., reported board directors rated cybersecurity as the second-highest source of risk for the enterprise. The company predicted that 40% of boards will have a dedicated cybersecurity committee by 2025.
Making that happen is not easy. Situations and cybersecurity solutions are often complicated to explain. Business and technical colleagues often don’t “speak the same language.” And, as Gillian Tett of the Financial Times notes in her book, “Anthro-Vision: A New Way to See in Business and Life,” words can hold different meanings for different individuals.
So, cybersecurity experts must take great care to describe concepts in terms that business leaders and teams can understand. This requires planning, work and, potentially, training.
My colleague, Paul Keely, a 12-time Microsoft Most Valuable Professional, says adopting the ELI5 approach is an effective way to improve communication between cybersecurity experts and business leaders. ELI5 is short for, “explain it like I’m 5 years old.”
The premise is that communication among people from different disciplines works best when a speaker explains things so anyone without detailed knowledge in the field can understand the concept. The ELI5 approach is becoming widely accepted in business and tech.
Work from the same playbook
Recently, I met with CISOs and CIOs who also discussed the benefits of developing a program to help security team members communicate better with business leaders. We talked about how cybersecurity games can help executives get a more complete idea of how situations may play out. And we noted that a managed detection and response (MDR) service provider can help formulate a plan detailing what actions to take, and describing the roles of business leaders, in-house IT team members, the MDR provider and other relevant parties. Everyone should be working from the same playbook.
As a cybersecurity leader, your work is never done – and you shouldn’t do it alone. Effective cybersecurity requires a combination of people, processes, and technology, and the people involved in these efforts include your cybersecurity team and other stakeholders. But it’s important to remember that you don’t have to do this work alone.
An MDR service provider should be able to help you:
- Deliver repeatable and predictable outcomes. This will help ensure fast threat detection and remediation. Ideally, you want a service provider who takes the time to understand your organization's security posture and delivers a solution tailored to it.
- Supply staff skilled enough to reduce your security burden. Veteran security analysts should be available to triage, investigate and mitigate initial incidents. By working to identify false positives and escalate incidents, they'll help reduce the number of alerts that require response.
- Escalate to SOC engineers, as needed. Ideally, the service provider leverages a machine learning-enhanced platform and can perform in-depth investigations, execute mitigation and isolation and containment actions that you approve. Proactive threat hunting and mitigating cyber risk – escalating incidents, as needed – should also be part of their responsibilities.
- Leverage your existing security tools and investments. If your organization uses Microsoft tools, look for a vendor with significant Microsoft experience, with Microsoft-certified experts who are skilled in integration into Microsoft consoles. It will simplify coordination with IT and secure configuration of critical Microsoft infrastructure.
Get the best players on your team
This last point is an important one, especially here at Open Systems. We’re a five-time Gold Partner and a Microsoft Advanced Threat Protection Specialization certified partner. We focus on three critical pillars for MDR: mission-driven processes, a mission-ready platform, and Microsoft-certified experts. Through our advanced relationship, we also work together with Microsoft on new products and services to keep customers secure.
We understand the importance of clear and effective communication among your cybersecurity and IT teams, your CEO and other key stakeholders. And we can help your in-house team establish a cybersecurity plan that can improve communication and collaboration when fast action – and a win for the team -- is needed.