Saturday, April 22, 2023

The Cyber Dream: Overcoming Team Silos & Creating Unity

As many more businesses move into the Cloud, whether AWS or Microsoft Azure, data leakage has become a serious problem.  A lot of this can be attributed to misconfigurations, usually at the fault of the IT Security team that deployed the applications. 

Another reason is that end user accounts are being over-privileged far too often.  For example, an administrative assistant might be given read, write and execute permissions, when all they really need are the read and write permissions.

Another example is when a Network Administrator is given not only the permissions that they need, but also permissions that fall outside of their domain, such as being assigned Database Administrator privileges as well. 

With these misconfigurations, data leakages, and more permissions being handed out than are needed, it is no wonder that online fraud, and even ID fraud, is becoming rampant in today's Cyber world.
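The two over-privileging cases described above can be caught mechanically. The following is an added example (not code from the original post): a small least-privilege audit that compares what each principal was granted against a constructed baseline of what their job actually needs; all principal names, job titles and permission sets are constructed for illustration.

```python
# Added example: least-privilege audit of granted vs. required permissions.
# All data below is constructed; in practice the "granted" side would be
# pulled from the cloud provider's IAM API and "required" from a role catalogue.

# job title -> permissions the job actually needs (constructed baseline)
REQUIRED = {
    "admin_assistant": {"read", "write"},
    "network_admin": {"read", "write", "execute", "manage_network"},
}

# principal -> (job title, permissions actually granted), constructed sample
GRANTED = {
    "alice": ("admin_assistant", {"read", "write", "execute"}),
    "bob": ("network_admin", {"read", "write", "execute",
                              "manage_network", "manage_database"}),
    "carol": ("admin_assistant", {"read", "write"}),
    "dave": ("contractor", {"read"}),  # job with no documented baseline
}


def excess_permissions(job, granted, required=REQUIRED):
    """Return the permissions granted beyond what the job is documented to need.

    A job with no documented baseline is treated as needing nothing, so every
    granted permission is reported: an undocumented role is itself a finding.
    """
    needed = required.get(job, set())
    return set(granted) - needed


def audit(granted=GRANTED, required=REQUIRED):
    """Return {principal: sorted list of excess permissions} for every
    over-privileged principal; principals with no excess are omitted."""
    findings = {}
    for principal, (job, perms) in granted.items():
        extra = excess_permissions(job, perms, required)
        if extra:
            findings[principal] = sorted(extra)
    return findings


if __name__ == "__main__":
    for principal, extra in audit().items():
        print(f"{principal}: review or remove {', '.join(extra)}")
```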

Thus, calls are now being heard to merge all three of these Cyber specialties into one force:

*Fraud prevention

*Identity and Access Management

*Cloud Security

Of course, not every business has the manpower or even the financial resources to combine all of these into one force.  Before you embark on this herculean feat, your IT Security team needs to address the following questions:

*Despite adopting Multifactor Authentication and other protective measures, are your customers still complaining about the lack of security on your website (especially your online store)?

*Are these complaints and/or concerns causing your overall revenue to fall?

*Is your market growth severely restricted because of an increased level of fraud risks?

*Have your customers ever become a victim of Ad Fraud, Online Fraud, or even ID Theft?

*Do you have too many devices from too many different vendors, leading to a sprawl-like effect?

*Does your IT Security team even understand how to take into account Fraud Prevention services?

*Is your IT Security team feeling a strong sense of burnout because of all they have to do?  Is your business experiencing a high rate of employee turnover?

If you have answered "Yes" to most of these questions, then it is probably time to bring all three of the mentioned Cyber areas under one roof.  But this is not something to be jumped into quickly; rather, you need to craft a comprehensive plan, using a phased-in approach.  Here are some guidelines you can follow to help achieve this:

*What are your Cyber goals and priorities?  What is the overall goal and vision?  Keep in mind that this is the job of the CISO or the vCISO, not the IT Security team, but their input should be sought and seriously considered.

*What is your current budget like?  Can it accommodate all three of the Cyber areas being formed into one unit?  Also, will your budget be increased if and when needed?

*What extra staffing do you need?  If full-time hires are out of the question, can you make do with just contractors?

*Can you use your existing security technologies to bring all three Cyber areas together, or will newer technologies be needed?  This is probably best answered by conducting a Risk Assessment, and from there deciding what is needed.  Remember, you do not want to expand the attack surface by bringing in many newer technologies and vendors.

Once you have formulated the answers to all of the above questions, the next step is to find the common goals and objectives that bring all of these areas into one unit.  Remember, you do not have to include all of your IT Security team employees in this, as they are busy and stressed out enough as it is. 

Rather, all that is probably needed is one or two representatives from each specialization to form this new, combined team.

Finally, once this proposed new team is in place (at least in theory), it is very important to have buy-in from the upper brass, especially your CISO.  From there, it needs to be taken to the rest of the C-Suite and ultimately the Board of Directors for final approval.

My Thoughts On This:

Trying to get rid of the siloed approach in Cyber has always been a dream, and unfortunately, it has never been realized yet, at least completely.  The problem is that many businesses try to rush into this too quickly, without giving much thought to how it will be done. 

As a result, things fail in the end.  Therefore, it is very important to have that plan first, and use a phased-in approach.

Remember, humans are creatures of habit and don't like change.  Trying to create one huge Cyber silo will for sure bring a lot of resistance to change.  Therefore, taking well-thought-out baby steps and going slowly is the best way forward.

Also, in the end, everybody has to be on board with this new effort, especially at the top.  Unfortunately, you will not get immediate buy-in from them, and they will have to be poked and prodded to finally go along with the new plans.  Frame things in terms of how they will impact the bottom line, as that is the only thing they can relate to.

Also, don't hesitate to use AI and ML tools for bringing all of your silos under one roof.  They can automate many of the mundane tasks, thus freeing up your staff to focus on the most pressing issues, one of them being maintaining a proactive stance on Cybersecurity and the threat landscape.
