Updated: Jul 29, 2021
Image source: Dominician Expert
Have you ever done mountain river rafting? It's a great fun! I would like to compare it to agile security. Everyone needs to be clear about the destination, everyone needs to chip-in and be synchronized. It's a very fast changing environment. You need to understand the basic elements of how maneuvering in water works, for example, what actions will lead to what results. Visibility is a great advantage, however, nothing prepares you to be suddenly involved in forces greater than the capabilities of your team. Being prepared for unexpected despite the experience, keeping your head cool while reacting fast and using the greater forces for your advantage is my key take away from mountain river rafting.
I got inspired to write this short blog after reading an article by Thomas Tschersich, CTO/CSO of Deutsche Telekom Security GmbH. In a nutshell, his article argues that exercising top security hygiene is more effective in achieving operational resilience than going after 'buzz-word' technologies like AI, Blockchain, etc. I think what he means is that we do require technology to further innovate and give us the advantage of productivity, however, pinning hope on technology is not going to magically resolve your security effectiveness challenges.
The timing of Thomas' article couldn't be more perfect as I've been researching by what degree cybersecurity challenges have changed over the years and found that the organizations seem to be fighting pretty much the same cybersecurity battles as they did a decade ago in 2010, which include:
1) the need to identify risks early;
2) understand those risks and prioritize them according to business goals;
3) mitigate risks at a faster speed (in Germany it takes on average 3600 hours from risk identification to risk eradication and Germany is one of the most efficient countries in risk mitigation!);
4) achieve corporate-wide security transparency and track the changes;
5) the need for security effectiveness and continuous security improvement.
Basically, the above mentioned challenges are listed in number of reports which include, but are not limited to 'Risk Management and Corporate Governance 2014', 'Corporate Governance and the Financial Crisis 2010' by OECD.
What has significantly changed in the past decade is the technology innovation, also, vectors for cyber exposure have grown exponentially (cloud, remote working, 5G, IoT, more dense technology acquisition, etc.) and the attacks became more persistent, advanced, scalable that result in a greater impact.
Below list outlines few great recommendations shared by industry Security Leaders that will help you achieve effective security. The key is in consistency, scalability and the tactics of 'how':
Risk Awareness training (recommended by Thomas Tschersich, CTO/CSO and Jose Maria Labernia, CISO). We would like to add that Quantum Cybersecurity Skills are launching Security Services Efficiency Optimization training in September. Please feel free to express your interest here.
Optimize your Technology (recommended by Thomas Tschersich, CTO/CSO and Jason Callahan, CISO). Quantum Cybersecurity Skills would like to add technology consolidation to this point. We run Breach & Attack Simulations on behalf of our customers which helps verify which technology offers most effective end-point and infrastructure security.
Proactive security and business alignment (recommended by Jose Maria Labernia, CISO and Sarfaraz Ahmed, CIO/CISO). Quantum Cybersecurity Skills would like to add that security effectiveness needs to be always considered not only at strategic layer, but also tactical and operational layers. Security is more than a technical matter.
Data quality to compute risks (recommended by Thomas Tschersich, CTO/CSO).
Security transparency and metrics (recommended by Ravinder Arora, CISO, Jason Callahan, CISO and Andy Hanks, CISO). Quantum Cybersecurity Skills would like to add that the key objective is to create a systematic approach which would lead to early risk identification, understanding the symptoms correctly before risk becomes a 'problem'.
Challenge security status quo (recommended by Jason Callahan, CISO)
Invest in Offline-Backups (recommended by Thomas Tschersich, CTO/CSO)
Establish Incident Management (recommended by Thomas Tschersich, CTO/CSO)
Full Ownership (recommended by Manish Sinha, CIO)
Consistency and frequency in communication (not only about, eg. SOC mission, key digital assets in the organization, but also answering 'what's in for me?' question - why should I exercise security hygiene on a daily basis is one of Quantum Cybersecurity Skills recommendations
100% compliant to sufficiently protect your organization (recommended by Manish Sinha, CIO). Quantum Cybersecurity Skills would like to add that being compliant doesn't equal to being efficiently secure.
Cross functionality collaboration (recommended by Ian Thornton-Trump, CISO, Jose Maria Labernia, CISO and Michael Welch, CISO). Quantum Cybersecurity Skills experience suggests that integrated operations defense needs to be looked at a strategic level in order to take maximum advantage of cross functionality collaborations.
Positive and engaging security culture (recommended by Ravinder Arora, CISO)
Linking back mountain river rafting analogy to agile security, in the end, it's all about that cultural shift of 'doing it'. Exercising security hygiene with efficiency in mind, by everyone, in every activity and taking advantage of your existing resources to achieve a greater outcome of security efficacy. Watch more on-demand #SOCsuperposition interviews with Security Leaders who share their best business practices which help achieve effective security. We are planning to release Series 2 interviews in September.
#IncidentManagement #OperationalResilience #ProactiveSecurity #ReactiveSecurity #SecurityServices #SOC #SOCoptimization #SOCproductivity #SOCsalability #SOCsustainability #SecOps #SOC #SOCsuperposition #InfoSec #RiskManagement #MDR #MSSPs #AgileSecurity #RiskManagement #BusinessContinuity
Organizations that are able to take a full advantage of their Security Services (SOC) are Leaders when it comes to reducing business risks, operational costs, improving resilience and business continuity. Scale and sustain the resources that you already have - it's part of an agile and integrated risk management strategy.
Quantum Cybersecurity Skills has been co-founded by seasoned SOC Managers to help SOC Managers and CISOs out there. We are your trusted Partner to deliver continuous SOC productivity optimization aligned to ISO 27001 PDCA, proactive and reactive security services, MDR and professional risk mitigation services. Our services are applicable to any size organization from any industry, whether with an in-house SOC / CSIRT / CERT or MSSP outsourced. We run operations in UK, Canada, Mexico, USA and Spain to meet customers' Data Privacy requirements.
Reach out to us: