Security Team Integration

Security Team Integration

Travis Romero Travis Romero

Travis Romero

Security Operations @ Pennymac

Published Nov 7, 2015
+ Follow

Cross-team communication is huge to accomplish goals in any organization, but it's especially important in the Cyber Security realm. In most companies, the task of securing the enterprise is tackled by a few different departments, such as Risk Management, Security Operations, and a CERT team. It's very easy to become silo'd from each other since, for the most part, you have different individual duties. However, making sure these groups communicate can take your Cyber Security group to the next level. Here are some ideas to get you started on integrating your Security Team.

Regular Organized Sync Up:

I didn't want to use the word meeting here, since I believe we all have enough of those filling our calendar. However, setting aside an hour a month has more benefits than you may think. Here's a few things you can do during your sync up:

  • Allow each team lead to share some successes, challenges, road blocks, or related news with the group. 
  • Allow time for general chat. This can create an easier environment for contact in the future on more serious issues.
  • Highlight group initiatives and successes. Perhaps even highlight individuals who have gone above and beyond.

Advantages: Everyone gets to socialize, thus creating a better relationship for future issues or projects.
Disadvantages: It may be taking up valuable project time and some may be generally turned off to a meeting if it isn't interesting.

Security Team Dashboard:

Most teams probably have dashboards showcasing their critical items, sensor health, or whatever it may be, but oftentimes, there isn't a view that is shared between all the teams. Here's some items I'd envision on the your Security team dashboard:

  • A section for each team that highlights overall status or whatever they deem relevant. This helps the other teams know what is consuming most of their time.
  • Display PTO or other events. Others can begin to plan ahead of an absence rather than be caught off-guard.
  • Individual requests or statuses. Depending on the size of the team, allow people to post things on the dashboard. If it's help, where they are going to lunch, or whatever, it could be a useful way to notify the team.

Advantages: A single view that anyone can check, anytime/anywhere, to stay up to date with the entire group.
Disadvantages: Needs to be maintained and kept up to date.

Summary:

No matter how you decide to go about it, integrating all aspects of Cyber Security has huge benefits. The two suggestions above aren't guaranteed to work at every organization! Take some time and think about what works for the individuals you work with everyday and make a change.

Like and Comment if you enjoyed the read! I would also like to hear your ideas on how to integrate a security team! Whether it's something you do today, or it's something your not sure about; lets here it!

Travis Romero 
Founder - FamilyDataSecurity.com
Security Engineer

To view or add a comment, sign in

More articles by this author

See all

Insights from the community

Others also viewed

Explore topics