In 1999, the UK was home to 7 distinct security vendors. Now, in 2018, there are close to 2,000. This means not only are there more issues to solve, but there are also more businesses to service, more devices that need high-levels of security, and greater risks occurring every second.
Creating a strong security culture within your business is vital.
In most businesses, two teams keep the business secure. These are the Operations Team and the Security Team. Security isn't the Operations team priority. Instead, the Operations team manages day-to-day issues. They are the ones “keeping the lights on”. They send out whatever patches devices across the network need.
On the other hand, your Security Team's number 1 priority is keeping the organization secure. They take in intelligence, learn about trends, and then feed what they learn to the Operations Team. Within the Security team’s realm of responsibilities is also threat-hunting and remediation. But the list doesn’t stop there. Several other key areas of functionality which they are accountable for as well include ethical hacking and penetration testing,
On top of that, it’s where the organization can find information about ongoing training or specific security-related processes. When the Security is organized, end users maintain a calm, business-as-usual atmosphere. If there is a vulnerability, the way they relay the information to the Operations Team has to be careful and clear so that it’s remediated swiftly.
“Making sure we have a good connection between Security and Operations, that we share information and tooling wherever possible, means we can respond much quicker to threats,” explains Rob Peterscheck, CIO at a leading multinational pharmaceutical company.
Listen as Peterscheck details the importance of this close relationship:
A suspicious link or even malware attached within a PDF could be an organization’s downfall. If Security reminds the users to check or ask before they open or click, this simple practice could save you millions.
Ultimately, there’s a cognitive reframing which needs to happen here. Operations teams must embrace their sizable security responsibilities, and not expect the Security Team to completely own that area. Forward-thinking organizations, with forward-thinking CIOs, must embrace that cybersecurity is a key aspect of the overall success of the business.