MAKE CYBER SECURITY A TEAM SPORT
This blog post is a look at how developing an effective cyber security program can be much like developing an effective sports team. Light on sports analogies but strong on content and value, you will find this holistic view of cybersecurity refreshing.
With the threat of new exploits challenging your organization every day, it is essential to build a strong defensive cyber team! However, cyber security leaders tend to focus on employees and their awareness of impending threats. Employees are a crucial part of the cyber security program in making your organization successful. After all, each employee is a potential entry point for threat actors who seek to extract and encrypt your critical data to cripple your organization using phishing techniques and ransomware for their monetary gains.
I want to share an incident that happened at one of my previous stops that might seem familiar to you. It was like any other workday during the pandemic, with users logging into their VPN from home (first thing in the morning) to check their emails. I too was combing through the monotonous droves of emails when I came across one that “evoked powerful emotions”, which is not typical for me (first clue). The email was from “someone higher-up in the organization” (second clue) telling me my “required training” (third clue) had “expired” (fourth clue) and I need to attend “mandatory online training so click this link” (fifth clue) and “complete within 24 hours” (sixth clue) or “I would be subject to disciplinary actions up to but not excluding termination” (seventh clue). So, I scoffed, thought “well that’s not going to happen right now” mumbled an obscenity or two, then left for a meeting I was running late, without giving the invasive email another thought. You see, emails like this are common in this organization, so, me quickly thinking about rearranging my schedule to complete the task was not what I was looking to do. That meant I would need to do this at home on “my time”, bummer.
During my meeting, the Helpdesk, the security team, and astute users noticed that the email was not legit, it was a “phishing expedition” or a “data harvesting attack”. The threat actors had sent out a well-crafted, grammatically correct, “void-of-spelling errors” phishing email that used the proper terminology for our industry. It was perfect and caught more people than the normal misspelled and broken English phishing communications we were all used to getting from the Nigerian Prince.
That was a busy day for the IT team! We were successful at isolating, mitigating, remediating, and educating the users, updating playbooks, and optimizing systems (People, Process, and Technology). All was right in the organization again.
Statically, according to Verizon’s 14th annual Data Breach Investigations Report (DBIR) show that 82% of security breaches involve the human element, a 13% increase in Ransomware breaches—more than in the last 5 years combined. 62% of incidents in the System Intrusion pattern involved threat actors compromising partners. Anyway, there are plenty of articles focused on employee awareness and training, this article and blog series will focus on the other parts of your “Team.”
The Leader You Need
Addressing Cyber Security challenges can be daunting, and it takes an astute, experienced leader who has their finger on the pulse of the organization. This leader must understand the vision and mission of the organization. They must be able to align the goals of the organization to maximize the available resources efficiently and effectively. This leader should be a Chief Information Security Officer (CISO). According to a new report from managed cloud service provider Navisite, nearly half (45%) of companies surveyed do not employ a chief information security officer (CISO). However, 58% believe they should hire one.
Every organization is at risk of cyber-attacks. Even if they take all the necessary precautions, they are still susceptible to one. The key is preventing and identifying an attack as quickly as possible. It is time to get a Chief Information Security Officer (CISO) on your team.
If your organization needs a part-time CISO or your CISO needs assistance building out the organizational security foundation, please consider adding ThetaPoint to your team through our vCISO service.
What makes a good Cyber security Team?
A good cyber security team is a group of people with diverse skill sets. They need to be able to work together as a team and be able to work independently as well. Teamwork is the most important skill for a cyber security team. They need to have effective communication skills, so they can share information and ideas with each other to create defensive solutions to protect your organization. Team members should be flexible in their approach to tackling problems and be able to improvise when necessary. A good cyber security team should consist of people who are interested in all aspects of security, not just one area, and have the mindset of continuous improvement.
Now that I have talked about the skill sets and traits a good cyber security team member should have, let us explore which positions should be on your team.
Some of the core players of your team should include:
- Chief Information Security Officer (CISO) – C-Level representative for organizational cyber risk and cyber program, Owner, and visionary
- Information Security Manager – Oversees the day-to-day operations of the department (team), General Manager, Athletic Director
- Information Security Architect – Creates and Oversees cyber security design, Team Leader, Coach
- Information Security Engineer – Executes the designed cyber security plans (plays), Point Guard, Floor General
- Information Security Specialists
- Network Security Admin – Defend the core network, Center, Rim protector, Shot blocker
- Systems Security Admin –Defend core servers, Power Forward, Rebounder
- Forensic Analyst –Analyze digital evidence and investigates computer security incidents, Small Forward
- Penetration Tester – Identify and resolve security vulnerabilities, Shooting Guard
- Information Security Analyst – Analyze logs, provide feedback, read the tea leaves, Assistant Coaches, Trainers, Support Staff
The Challenges in Building a Team
Aside from the day-to-day tasks and issues, competing priorities, and occasional organizational emergencies, there are specific challenges that directly affect cybersecurity. Today’s challenges in building an effective cybersecurity team are:
- Identifying the missing pieces and correcting them before the opposition realizes the gaps
- Budget, having the necessary resources to procure (buy) talent, software, hardware, services, etc…
- Getting “buy-in” from leadership for something that might be viewed as a once in a “career event”
- Talent acquisition and retention
- Finding effective free agents
- Team motivation and goal setting
- Time to do all the items above
ThetaPoint’s Virtual Chief Information Security Officer (vCISO) services offer IT security services that help companies keep their data and intellectual property safe from hackers. With our round-the-clock vigilance, you can rest assured that your company is being managed with the utmost care.
Hiring a Chief Information Security Officer is costly; however, with ThetaPoint, you can get the same services at an affordable price. We provide a variety of subscription plans and have packages tailored to your needs and budget, so cost is not a concern.
Do you have any questions? Contact us today to find out more about ThetaPoint’s Virtual Chief Information Security Officer (vCISO) services. Add ThetaPoint to your team and strengthen your defensive posture!!!
ThetaPoint is a leading provider of strategic consulting and managed security services. We help clients plan, build and run successful SIEM and Log Management platforms and work with the leading technology providers to properly align capabilities to client’s needs. Recognized for our unique technical experience, in addition to our ability to quickly and rapidly solve complex customer challenges, ThetaPoint partners with some of the largest and most demanding clients in the commercial and public sector. For more information, visit www.theta-point.com or follow us on Twitter or Linked-In.
Upcoming Team Building Events
ThetaPoint is a proud sponsor of The University of New Mexico and its Athletic Program. ThetaPoint will be hosting various Team Building events in our Suite at UNM Men’s Basketball games during the 2022-2023 season. If you would like to learn more about ThetaPoint and how we can help you build your Organization’s Cyber Security Team, please Contact us to secure your spot at one of our next events.
|November 19th, 2022 (Saturday) at 5 PM (Mountain)
|UNM vs NMSU
|December 18th, 2022 (Sunday) at 4:30 PM (Mountain)
|UNM vs IONA
|January 7th, 2023 (Saturday) at 7:30 PM (Mountain)
|UNM vs UNLV
|January 20th, 2023 (Friday) at 9 PM (Mountain)
|UNM vs Boise St
|February 7th, 2023 (Tuesday) at 8:30 PM (Mountain)
|UNM vs Nevada
|February 25th, 2023 (Saturday) at 8 PM (Mountain)
|UNM vs San Diego St