Security professionals and business leaders were left reeling in the wake of recent mega breaches to major credit reporting agency Equifax and the Securities Exchange Commission.
As investigations of both incidents proceed, senior executives across the financial services industry are aware, more now than ever, that it is not a matter of if their network will be breached, but when. Given this grim reality, how can organizations best prepare for the inevitable?
Although there are more cyber solutions in the market than ever before, it takes skilled professionals to manage the usage and integration of tools, technology and tactics in order to protect the enterprise. Early reports show that good cyber hygiene could prevented the Equifax breach, and the SEC has already reported it is bolstering its security forces as a preventative measure for the future. Each major incident brings light to the growing skills shortage and reinforces the fact that a skilled security team is the best line of defense.
Cyber attackers are patient and try many different methods before gaining access, while enterprise security teams must counter every single one, every day. To be successful in this minefield of vulnerabilities and exposures, executives need to make the key policy choices. It’s all about risk, identifying it, understanding it, managing the cyber risk to each line of business and training your team to mitigate risk at all levels. You can’t just turn the computers off and shut your door, nor can you rely on outdated, traditional training methods to prepare your team for a landscape of threats and continuously evolve.
Preventative cybersecurity requires policy makers to be willing to rethink operations as the threat landscape evolves. For instance, just a few years ago it was considered sufficient to put up a firewall or require authentication for accessing important business information. But as network perimeters began to disappear and phishing scams more often compromised credentials, it became important to employ new tactics—such as advanced endpoint protection and privileged access management.
Similarly, it is time for business leaders to rethink cybersecurity training and workforce development.
The best approach realigns the security organization to train and defend as a team. Business leaders cannot expect to fill roles with individuals looking at data and intelligence feeds without business context and expect them to be successful any more than a coach can send a group of individuals onto a soccer field and tell them to “win.”
The team approach to cyber requires well understood team roles, tactics, techniques and procedures, as well as consistent training in order to execute. Traditional training methods are often static and focused on individual learning verses immersive, agile and team-based—all factors that lead to higher retention and a better prepared workforce. Soccer teams train on the field, honing skills and executing strategy, and financial cyber teams should train the same way. Engaging in team-based “war gaming” in virtual environments that replicate the unique systems and complexities of a financial services organization will enable them to better understand the adversary and risk in the context of their own businesses.
When business leaders realign security organizations to leverage the team-based approach, the result will be a better prepared, more resilient cyber workforce. This benefit will extend beyond each organization and benefit the industry as a whole.