Cybersecurity is a team sport, so who are the players?


It’s back to school time (parents, try to conceal your understandable excitement).

For my 11-year-old son, the best part about going back to school is playing cello in our town’s middle school orchestra, a spot he earned over the summer despite (pardon me while I brag) being a sixth grader in competition with 7th and 8th graders.

In case you’re wondering, to whatever extent he is gifted musically, it comes from his mom. I play no instruments (unless you count piano lessons as a kid and some guitar in high school) and have not touched one since the turn of the millennium.

But I do enjoy his concerts. In particular, I like watching the conductor. While I don’t fully understand all that is happening, I marvel at the man’s ability to coordinate the various players and instruments — in real time, no less.

The truth is, orchestra is the ultimate team sport. Not only do the musicians have to work in unison (true of any successful team), but if they don’t — because somebody is off-key, off-beat, or late to join in — the mistake is immediately obvious to everyone who is listening.

Cybersecurity is a Team Sport, Too

Although not nearly as enjoyable to listen to, cybersecurity is also a team sport, one that likewise requires a great deal of real-time coordination.

That’s because unlike many other functions within a company, cybersecurity touches nearly every corner of the organization – legal, customer support, marketing, HR, senior management, etc.

Especially in situations where a security incident occurs, the pieces need to work together, quickly and in a coordinated fashion. Nothing can be done in isolation.

Many Instruments, One Symphony

To ensure that your cybersecurity program is properly staffed and (ahem) well-orchestrated, you will need the following roles…

Executive Sponsor. As I have written about before, this person is plugged in, believes in the program, and has both the influence and the commitment to make it happen. In most cases, the executive sponsor is the Founder or someone with the letter “C” in their title (CTO/CEO/COO).

Technical Lead. This is typically the CTO, VP Engineering, CIO, or a technical director (sometimes, it’s the executive sponsor). They are the lead, but since this person’s time is often extremely limited, they need to be able to delegate to others.

Technical Doer. This person may have a variety of titles — software developer, IT administrator, DevOps engineer, etc. — and is the one who takes charge of updating and configuring software, adding/removing users, and other hands-on technical tasks.

Administrative Lead. I wrote about this person before, too. In short, they know how to keep things on track and how the organization really runs. All the processes, all the important documents, all the key players, etc.

We look for an individual contributor whose domain expertise is the organization itself. Their title is unimportant, as long as it’s someone who has excellent attention to detail and is well connected internally.

Compliance Team. These folks may or may not be explicitly part of your cybersecurity team, depending on your industry and the nature of the work you do. There may be a specific compliance person, some involvement from legal, or no one at all. Compliance could be around privacy, cybersecurity, or tied to other business activities, such as conforming with requirements related to financial or health care aspects of a company’s industry.

Broader Team. Others who play a role…

  • Sales. Who handles security questionnaires from prospects?
  • Marketing. How do you position your solution in a way that says you are secure? (Claiming “Military Grade Encryption” on your website is a sure sign that you are not!)
  • Legal. Who reads the requirements in the customer contract? Who signs off on messaging when your organization has had a cybersecurity incident?

Whew. Like I said, there are many players required to keep things running smoothly!

Start Where You Are

I know, it can feel a bit overwhelming.

The good news is that you don’t need an in-house security expert at your company to get started. What you do need is an executive sponsor and a group of folks that care about security and are committed to improving it.

Agree to meet weekly and start with some of the basics, such as multifactor authentication, training to help employees spot and avoid phishing attacks, and establishing a process for removing network access from past employees, consultants, and contractors. If you are a little more advanced, pick a set of controls from the alphabet soup of control frameworks listed here.

It need not be perfect; the more you do, the better off you will be. (Hint: When you start hearing music in the background, you’ll know you are on the right track!)

Want to get great cybersecurity content delivered to your inbox? Click here to sign up for our monthly newsletter, Tales from the Click.

This article was originally published on the Fractional CISO blog.

Ari L.

Fearless sales professional specializing in new business development, relationship management, and consultative sales.

2 years

Great article, Rob. Thinking back on playing in school ensembles, I remember instrumentation being a top priority for our director. Without the right instruments, you can't play the piece. In this case, only with the right team members can you run your cybersec program! No single tool or person will get you there.

One hundred percent agree - great article, Rob! Whether or not you have a full time security person, executive sponsorship is the key to success.

Enrico Benzoni

Cybersecurity Community Manager

2 years

I love this part: "Especially in situations where a security incident occurs, the pieces need to work together, quickly and in a coordinated fashion. Nothing can be done in isolation" Many people think that cybersecurity teams are the only ones responsible for cyber attacks, but this is not true. Cybersecurity awareness must be improved and every department has to be held accountable. Great article Rob Black.
