How should a business leader identify the right team to counter these cyber risks?
“Size doesn’t matter. Blended experience does.”
During our time in government, we led a small but mighty team whose successes far surpassed the largest deployments of other agencies. How did we do it? Passion was one factor, but diversity of thought was the true driver of success. Bringing together an “Ocean’s Eleven” team of cyber investigators with deep, diverse, interdisciplinary backgrounds and experiences allowed us to view and resolve risk from multiple viewpoints. Brainstorming, open discussions, collaborative sessions with international and local law enforcement all contributed to approaching challenges through “diversity of thought.” As you begin to explore the right resource for your company, look for a combined portfolio of knowledge including policy, regulatory, law enforcement, intelligence, legal, compliance and standards as well as other mixes of government and private sector experience. All these elements, when combined, provide for a powerhouse of good advice, leading to an adaptive strategy in an ever-evolving landscape of threats.
“Bifurcate the work.”
It is of utmost importance that your Information Technology (IT) resource(s), internal or managed, have a fundamental understanding of the security concerns facing your organization, but you should steer clear from suggesting they wear multiple hats. For small and mid-sized organizations which often rely on one or two staff members, the “BAU” work will consume most of their day. However, communication between IT and security resources is key. Fuse the teams, but rely on true cybersecurity experts to protect the house and defend your network.
“Promotes a 24/7 mindset and culture.”
The prime strike time for cybercriminals and other adversaries are nights (usually a Friday), weekends or holiday periods. In the last five years, 76% of all ransomware incidents began outside of traditional working hours. Ensure you choose a team whose experts you have on direct dial with immediate access – who are wired for incident response, and prepared to parachute in, assess and begin immediate remediation, no matter the day or time.
“Properly utilizes the team and their tools.”
There are great and affordable software solutions in the marketplace to support your cybersecurity needs. Chose an expert who can incorporate these solutions into a comprehensive roadmap and plan. Having the right resources with the right set of eyes “on problem” is of paramount importance. Finally, knowing how and when to utilize the specific tools, their features (and their limitations) based on your company’s profile, as well as understanding what is valuable to an adversary and customizing the resource to your needs is key.