Cybersecurity Trends 2023: Watch for These Cyber Threats
What are the recent trends in cyber security, risks, and strategy?What will be the new trend in cybersecurity?What are the latest trends in...
Everyday cybersecurity heroes and true heroic first responders have more in common than one would think. Today’s panel discussion contrasted the cultural factors that drive successful teams and outcomes for these two seemingly different but distinctively similar organizations.
Key Points: Understand the Connection between First Responders and Cybersecurity
Ever since Peter Drucker started talking about culture as a key element to corporate success (remember “Culture eats strategy for breakfast"? ), “Getting culture right” has been on the leadership agenda. Some would say that much of the culture of the cyber security professional community is a hand-me-down from military and law enforcement that shaped early careers, a top-down, formulaic leadership style. Recently, cyber professionals have grappled with how to create a culture of information security amongst staff that not only influences behavior in the office but everywhere else too.
Understanding the sub-cultures within any organization is key to bridging the gap between security and breach prevention. As we have talked about before, security culture runs deep. Making improvements will require analysis and targeted training based on a cohort of the traits and characteristics of each “tribe” within the organization.
Who better to learn from than First Responders? As discussed in the panel, they principally understand how training and practice works. This is what makes response and readiness possible. The key components included:
Incident responders are the frontline defenders standing between cyber adversaries causing disruption and the integrity and continuity of critical services. They fight on multiple battlefronts daily. This has a tremendous impact on their daily lives, as pointed out in IBM Security's Incident Responder study:
A sense of duty/responsibility is both what draws people to incident response work and also what creates one of their greatest stressors; meaning what draws people to our field is often what drives them out. We leaders need to do a better job of managing that stressor.
Each year, there are more cyber incidents and network attacks. Leaders must make the practice of cyber sustainable for the people in their organizations.
The panel discussed how to fulfill this critical mission and not burnout and help teams avoid feeling the pressure of being continually under threat. They discussed how to hire for these skills, and bring ‘new recruits’, compensate and motivate them. Again, it correlates with culture and an understanding of people and skills in an organization.
As Lt. Pound discussed fundamental task training, not unlike those in a firehouse is key to team preparedness. Drills like stretching hose line, large force exercises, and other team exercises as well as individualized tasks that need to be orchestrated together must be rehearsed in as real-to-life a situation as possible to achieve the needed level of readiness.
First responders act as a pair with partners or in team exercises to develop coordination and trust. Technology is great but people and processes “win the day,” constant training to build “muscle memory” so that in rapidly evolving situations, staff do not need to expend mental energy on repeatable tasks or actions and can reserve that for unique aspects of that emergency.
Standardization plays an important role here. As Lt. Rodriguez explained, NYPD officers’ duty belts have the same items in the same locations, so that in an emergency, the dark, can quickly find necessary tools (e.g., trauma kits, ammo, etc.) In this way for cyber incident response, coordinated speed of action, global support, and evidence are not overlooked due to different approaches–which creates efficiencies needed for fast response. A solid incident response plan relies on standards.
As discussed above, culture ties it all together. Leadership, teams, practice, purpose, vision, rewards, performance, hiring/firing, and generally “the way we do things” all feed into a cyber team's ability to respond under pressure. Every team needs a “storyteller” to embed security culture into an organization.
As IBM X-Force’s Troy Bettencourt summarized “Regardless of your industry or market vertical, you are most probably a technology (i.e., w/o technology, your organization cannot function). We need to change the narrative with our non-security business leaders. Cybersecurity is not only an IT sub-function or cost center, it should be part of the operational resiliency posture of your organization and deeply embedded into organizational risk management planning and funding.”
The importance of collaboration in creating a cyber-critical service working group cannot be overstated. Responding and training in real-time, with interdependencies and a common goal of helping to secure the ecosystem, can help in creating a belief system that sustains the team under stress long-term.
In conclusion, creating, building, and sustaining a great culture is essential in the cybersecurity field, where the stakes are high, and the threat is continuous. Cybersecurity is a team sport, and peer support plays a crucial role in managing long-term stress and mental health. Fundamental task training and skills, large force exercise, and simulation can help overcome obstacles, and a leadership vision and storyteller can embed security culture into the organization.
Creating a belief system that sustains the team under stress long-term is essential in achieving the common goal of securing the ecosystem. Whether it’s natural disasters for first responders or an attack due to malicious social engineering for a private business, security measures matter. Cybermaniacs was honored to partner with these panelists for RSAC2023.
What are the recent trends in cyber security, risks, and strategy?What will be the new trend in cybersecurity?What are the latest trends in...
4 min read
Human Risks, Human Rewards: Empowering Your Employees to Face Cybersecurity Threats with Human Risk Management
3 min read
In a world increasingly defined by digital interactions, the unveiling of the US Cybersecurity and Infrastructure Security Agency's (CISA)...
5 min read