Silos might be useful for storing grain, but when it comes to security, they're a recipe for disaster.

Imagine if your arms stopped listening to your brain, or your thoughts disconnected with your voice, or your eyes saw one thing and believed another? It would lead to a complete breakdown of the human biological system. Similarly, the information security organization is a diverse machinery of moving parts, with each security team mostly interested in executing its function to the point of excellence. However, organization culture is usually siloed and it is prudent to break down these barriers across cross-functional teams when it comes to information security. Security teams are siloed by technical expertise and the traditional approach is no longer working. In the best interest of achieving the mission of the security office, teams must be conscious of the need to collaborate more often and more effectively, and management must be an enabling factor for such cohesive efforts.

Security teams working in silos have had a huge price to pay in the past. In 2018, the Marriott hotel chain suffered a data breach, where the personal information of up to 500 million guests was compromised. An investigation revealed that the breach had been ongoing for years, and that the company's various security teams worked in silos, lacking effective communication and coordination, which may have resulted in the attack. Hence, given the challenges faced by security teams, it is vital that security teams work in a collaborative manner to be able to successfully detect, respond, prevent and avoid such scenarios.

What are the consequences of security teams working in silos?

Working in silos means that each security team operates independently on its own, without much coordination or communication with other security teams within the organization. This can lead to a fragmented approach to security, where each team is focused on its own tasks and responsibilities, rather than working together to ensure the overall security of the organization. As a result, it could lead to several problems such as:

• Increased risk of security breaches: which can lead to damaging the organization's reputation, loss of customer trust, and financial losses
• Lack of coordination: teams may not coordinate their efforts effectively, leading to duplication of work and a lack of efficiency
• Poor communication and collaboration: fragmented mindset leads to misunderstandings, prejudices and breakdown of relationships within the organization
• Limited visibility: there is limited visibility into the activities of other teams, causing a lack of understanding of the overall security posture of the organization
• Restricted sharing of information: information circulation is ineffective, the outcome of which is lack of knowledge sharing and collaboration
• Gray areas: there may be gaps in coverage where certain areas of the organization are not adequately protected due to lack of understanding or false assumptions
• Difficulty adapting to changing threats: with the threat landscape constantly evolving, a siloed approach to security will be ineffective in responding to new and emerging threats
• Ethnocentric outlook: each team member feels their team is superior, increases chances for teams to pass the buck and limits learning opportunities for teams, since they are majorly concerned with their scope only

How can we overcome the problem of security teams working in silos?

A holistic security approach is an integrated approach to security that involves all parts of an organization working together to ensure the overall security of the organization. This approach recognizes that security is not just the responsibility of a single team or department, but rather it is a shared responsibility across the entire organization. This is a crucial factor which requires awareness, understanding and acceptance by all members of the organization.

There are many reasons why an organization should adopt a holistic security approach:

• Adaptability: A holistic approach allows an organization to be more agile and adaptable in addressing organizational risk and emerging threats
• Efficiency: by decreasing duplication of effort and increasing efficiency, security teams can save time and resources, which are invaluable in the fast-paced world of cyber-security.
• Improved communication and collaboration: establish clear channels to foster better inter-linking among security teams, which is essential for effectively responding to security incidents and disseminate information in the hour of need
• Cross-functional mission: encourage security teams to consciously collaborate on projects, chase shared objectives and promote knowledge exchange. Security Champions are a great enabler of this.
• RACI matrix: define a clear RACI matrix to ensure that all areas of the organization are comprehensively covered, and no gaps or gray areas are left pending
• Forums and Meets: setup regular cadence for teams to showcase and present their work, thereby providing visibility to other teams and promote talent development. Even informal events go a long way in promoting engagement and discussions.
• Review and update: it is important to regularly review and update security protocols to ensure that they are effective and up-to-date. This can breakdown silos by ensuring all security teams are on the same page.
• Paper-based exercises: conduct dry runs as per the security playbook to involve the various security teams towards responding to a security incident

To summarize, security teams need to stop being event-focused and shift towards being outcome-focused. Security goals can be complex and cumbersome, but it can easily be achieved with teams operating on trust, communication and collaboration. There is a need for evolution of security teams to be able to work with different teams and have convergence of different perspectives in order to be successful in their mission. The big picture of security can only be seen by high-functioning teams that break away from the silo mindset.