Wednesday, September 27, 2023

How Cross Operations Teams Can Improve Your Security Posture

Image credit: Alejandra Sarmiento / VentureBeat


To borrow a phrase, cybersecurity takes a village.

Or, as Sophos CTO Joe Levy puts it: “Modern cybersecurity is becoming a highly interactive team sport.”

Some organizations are formalizing this by creating cross-operational or cross-functional security teams.

For example, Sophos recently launched Sophos X-Ops, a cross-operations division that leverages artificial intelligence (AI) and connects three established teams: SophosLabs, Sophos SecOps and Sophos AI.



Cyberattacks have “…become too complex for any single threat intelligence team to do it alone,” Levy said. “Defenders need the breadth and scale of collaborative teams to provide a multi-faceted, 360-degree view of the attack for optimal defense.”

Not just a goalkeeper

In a new study commissioned by data management company Cohesity, 81 percent of IT and security operations (SecOps) decision makers surveyed agreed that, at a minimum, IT and SecOps should share responsibility for their organization’s data security strategy.

However, nearly a quarter reported that cooperation between groups was not strong. Additionally, 40% of respondents said their collaboration has remained the same even as cyberattacks increase.

According to experts, this is still the case across industries. But multidisciplinary teams should be the priority — they can discover, collect, and analyze predictive, real-time, real-world, researched threat intelligence. This enables them to respond more quickly and at scale to evolving, well-organized, persistent, and increasingly sophisticated threat actors.

“The adversary community has figured out how to collaborate,” said Craig Robinson, vice president of research for ICD Security Services. Robinson emphasized that cross-collaboration teams are “stealing a page from the tactics of cyber criminals.”

The cross-operational team also draws on the federal playbook. In March 2022, FBI Director Christopher Wray discussed the FBI’s partnership with the private sector to respond to cyberthreats.

“Partnerships allow us to strike our adversaries at every point, from the victim’s network all the way to hacking their own computers,” he said. He added, “Trying to stand in the goal and block is not going to get the job done.”

By partnering with the private sector, “we are disrupting three things: threat actors, their infrastructure, and their money,” Wray said. “We have the most lasting impact when we work with all partners to disrupt all three together.”

Future SOC

Levy agrees that effective modern cybersecurity requires strong collaboration at all levels, both internally and externally.

Cybersecurity experts are obsessed with improving detection and reaction times, and for good reason. Along the attack chain, there are many points at which an attacker can compromise a network and/or hide within it.

“We race against time to detect and block attackers at multiple points in the attack chain,” Levy said.

Sophos X-Ops, launched in July, is an advanced threat response joint working group that helps teams find problems faster while providing a more comprehensive layer of protection, Levy said. By integrating and sharing information and expertise, the teams can more easily block attacks and analyze them together. Procedurally, they are organized through a synchronized approach to common systems, program and project management, and the enablement of shared playbooks.

The concept is an artificial intelligence (AI)-assisted security operations center (SOC) that predicts security analysts’ intent and provides relevant defensive actions, Levy said. Effective AI requires not only access to vast amounts of data, but also well-curated or well-labeled data, as well as a constant feedback loop between the model and the operators designed to benefit from it.

He called it “the SOC of the future,” adding that the security software and hardware company plans to publish research, technical papers and intelligence to serve as a template for others.

Cure security pain points

In summary, scalable end-to-end security operations should include software developers, automation engineers, malware analysts, reverse engineers, cloud infrastructure engineers, incident responders, and data engineers and scientists, Levy said, building an organizational structure that avoids silos.

“A serious pain point in cybersecurity – really any intelligence operation – is having the right intelligence, but it’s difficult to get this information to the right people at the right time in the right way,” agreed Alexander Garcia-Tobar, CEO and co-founder of Valimail.

The San Francisco-based company has developed a Domain-Based Message Authentication, Reporting and Conformance (DMARC) tool to help reduce certain types of fraudulent emails.

As Garcia-Tobar pointed out, there is a huge amount of data moving across organizations every day. Business, industry and personal data and financial information “is definitely valuable information for hackers to exploit,” he said.

Multidisciplinary teams combine IT Operations, Security Operations (SecOps), and other relevant departments to help prevent this from happening.

“Think of it as security working at devops speed,” he said.

While who ultimately sits at the table depends on the size and industry of the organization, when building effective cross-functional teams, consider all stakeholders related to your organization’s data compliance, Garcia-Tobar said.

This can include logistics personnel, as well as Chief Compliance Officers, Chief Human Resources Officers, Chief Information Officers, Chief Information Security Officers, Chief Privacy Officers, Chief Risk Officers and General Counsel.

The person who binds the team together is the one who, “as its champion,” can set clear goals and communicate expectations clearly. Administrative support is crucial, he said, because ultimately, each collaborator has its own goals and priorities.

“You create friction when they don’t align with another team’s success criteria,” he said, describing executive leadership as “a beacon that guides what’s best for the organization as a whole.”

Trust, Communication, Diversity

What is another essential element for cross-functional teams to work effectively? Trust.

“Without it, cross-team efforts stutter and often fail,” Garcia-Tobar said.

Therefore, it is the responsibility of executives and individual team leaders to build trust and promote buy-in among all stakeholders. It’s a matter of “building bridges and advocating for capacity, transparency, openness and fairness,” he said.

It is also important to communicate effectively through regular touchpoints, giving everyone the opportunity to solicit feedback, provide input, reinforce priorities, and keep everyone updated. This helps keep organizations compliant with regulations, and they can use the data collected to understand how different areas of the organization interact with each other.

Building a diverse team can give organizations the advantage of multiple perspectives, drawing on facts, hard data and shared insights to drive innovation and better-informed decision-making. Hence, “more insightful, more plausible results.”

“Everyone is responsible for security. Collaboration across teams enables teams to respond faster to cybersecurity threats, increase resiliency, reduce risk, and most importantly, foster a dynamic partnership with the ability to drive innovation,” Garcia-Tobar said.

In summary, executive leadership must prioritize security, set security goals, present them to the board responsible for them, and continually review progress.

“When companies prioritize a security culture, that is, a robust, rigorous, people-centric risk management strategy, they are better able to defend against cybersecurity threats,” Garcia-Tobar said.

He added, “Implementing a cross-team approach can generate more open dialogue around security, enabling teams to strengthen priorities and drive accountability across all departments and stakeholders.”
