Plaintext: What Team-Building Looks Like
Welcome to Dark Reading in Plaintext, where each day we bring you insights around one topic important to cybersecurity professionals. Today, we talk about team-building – focusing on culture and collaboration. Infosec is a team sport…but sometimes, the players don’t know how to play. What’s a CISO to do?
Helping Teams Work Together
There was an interesting article on Pragmatic Programmers in April, “How ‘Team Building’ Activities Help and Hurt People and Teams” focusing on way to change the conversation around team building. The author, Johanna Rothman, notes that managers consider team-building activities because they want to encourage colleagues to work as a team and not as individuals. Team-building activities encourage collaboration. The reality, however, is that these physical events can exclude people with injuries, or those who aren’t very active or physically fit. They isolate individuals who don’t really enjoy or aren’t good at physical activities.
Remember being picked for physical education teams back in school? Yeah. Same exact dynamic.
What Rothman notes is that in many cases, team-building does not have to be about physical prowess. “Our work does not depend on how well people act physically. Our work depends on how well we act together to solve product issues for our customers. Physical team building does not affect that collaboration at all.”
It’s a great piece, and we encourage folks to check it out – manager or not. But the key takeaway from was the importance of building culture. Teams can’t collaborate if they don’t have a common goal. Focus on creating an environment that makes it possible to collaborate and see how they can contribute.
How Do We Focus on Culture? The recently published e-book Reinventing Security from JupiterOne Press offers meaningful strategic and tactical advice on team building. The leaders in the book offer hands-on, real-world, practical advice on how to?intentionally change hiring practices, how to move the needle on collaborative work from security teams, and how to?widen the net for talent?in the security world, we sit up and take notice. [Read more 10 No-BS Tips for Building a Diverse and Dynamic Security Team]
How to Build a Red Team. Not every company will have the resources or need to build a fully fledged red team, but even small steps can go a long way toward protecting customer and employee data. Check out recommendations from the likes of Bishop Fox’s Daniel Wood, CriticalStart’s Quentin Rhoads-Herrera, director of professional services at CriticalStart, and Randori’s David "Moose" Wolpoff in 7 Must Haves for a Rockin’ Red Team.
NinjaOne’s Mike Arrowsmith outlines the steps on building a red team, such as picking a standard, creating a plan of attack, and keeping lines of communications open. However, the very first step in creating a red team, according to Arrowsmith, is to determine if it’s needed.
领英推荐
“Whether this proactive approach is appropriate for your company comes down to the type of data that is being protected. A grocery store may not need to take this approach, but a company that sells software to government agencies does.”
-Mike Arrowsmith, NinjaOne
Headlines on Tap
Some older articles from Dark Reading archives on team-building:?
Want to keep up with our favorite articles? Subscribe to receive Dark Reading Weekly every Thursday morning!
On That Note
We just kicked off our July Edge cartoon contest. Submit your best caption for a chance to win an Amazon gift card: