How to Get IT and Security Teams to Work Together Effectively
As cyberattacks grow in number and viciousness, it pays to have a unified defense team. Here's how IT and security experts can join forces to defeat a common enemy.
When it comes to ensuring strong and resilient cybersecurity, it's essential for IT leaders to work in close collaboration with their security counterparts.
IT and security will forever be intertwined, although each holds different perspectives and capabilities, says Kristi Preuss, principal, cyber and strategic risk, at business advisory firm Deloitte. "Because both IT and security teams support the business in similar -- and sometimes overlapping -- ways, friction can occur if there isn’t intentional focus on cooperation between the two teams," she explains in an email interview.
IT and security teams generally collaborate on topics such as identity management, data governance, and cloud management, all of which can cross both IT and security boundaries. "Without cooperative collaboration, these shared domains are destined to be sub-optimal," Preuss warns.
Regardless of an enterprise's size or focus, its IT and security teams must work cooperatively to develop policies and ensure that projects are deployed on time and on budget, says Dan Lohrmann, field CISO at digital solutions and services provider Presidio, via email. Data must also be protected, and overall business goals need to be met. "These relationships are simply vital, because if the business fails, you won’t need IT or security anymore."
Come Together
Building strong collaboration starts at the top by creating tight leadership relationships. It's often the CTO and CISO in charge of their respective organizations, Lohrmann says. As such, they need to set an example. "Their relationship is vital to success."
Successful collaboration requires a sense of shared mission, Preuss says. Transparency is crucial. "Leverage technology and automation to effectively share information and challenges across both teams," she advises. Building and practicing trust and communication in an environment that's outside the norm is also essential. One way to do so is by conducting joint business resilience drills. "Whether a cyber war game or an environmental crisis [exercise], resilience drills are one way to test the collaboration between teams before an event occurs."
Getting Along
IT and security team leaders must work as partners with aligned goals and outcomes. "It will take some give and take on both sides," says Mike Scott, CISO at data security platform provider Immuta, via email. He notes that the CISO must be willing to accept progress over perfection, while the IT leader needs to prioritize security and availability equally. "Together, they must have a plan on how to get there and what happens when things go wrong."
When it comes to cross-team collaboration, Scott says it's important for members to understand their communication style as well as the communication styles of the people they work with. "At Immuta, we do this through a DiSC assessment, which each employee is invited to complete upon joining the company."
To build an overall sense of cooperation and teamwork, Jeff Orr, director of research, digital technology at technology research and advisory firm ISG, suggests launching an exercise simulation in which both teams are required to collaborate in order to succeed. "Practice disaster recovery and build a playbook for workflows that requires resources not normally assigned to these roles to pitch in," he recommends in an email interview. "Creating resource redundancy across teams is a good way to cross-train and increase familiarity with different roles."
Lohrmann believes that regular security training and committing to industry resources and guidelines, such as the IT Infrastructure Library (ITIL) and the NIST Cyber Framework, will help both teams work together more closely and achieve success. Yet he notes that training should be tailored to each organization's specific needs and history. "When disagreements and conflicts arise, you need clear policies and procedures to deal with exceptions and remediation of issues." Lohrmann observes that when he held CISO and CTO positions at various times with the Michigan state government, there was a committee with specific authority to deal with exceptions, disagreements, and special requests.
Final Thoughts
Inaction must be avoided. "If there are signs of a lack of alignment and cooperation between IT and security, it's important to diagnose the challenges quickly and actively manage a new path forward," says Sharon Chand, principal, cyber risk services with Deloitte, in an email interview. "Culture will not change for the better without intention -- this is a case where management cannot stick their head in the sand and wait for the problem to get better."
Orr believes that a successful collaboration should be recognized and celebrated by the entire enterprise. "It's often the initiative and actions of these [IT and security] groups that keeps the enterprise from making the news headlines," he notes.