Guest Post: On Cyber Security

Written By Keith Glynn

The “operationalization” of cyber security in today’s business landscape.

Prior to the Colonial Pipeline ransomware attack in May 2021, most manufacturing organizations knew their cyber risk was increasing. However, they were unaware of what the impact of a serious cyber-attack on manufacturing really looked like. Stuxnet occurred many years prior and took place in a foreign country unfamiliar to most people. A cybercriminal marketplace has since formed on the deep web, and nation states are moving from cyber trolling and espionage to malware that can disrupt critical infrastructure.

As cyber security budgets increase, management needs assurances that risk reduction is both efficient and sustainable. The interface between cyber security tool implementation and an organization’s technical teams is that focal point. Deploying a new tool or product feature into an environment is one phase. Handoff to an operational team is a separate effort. The transfer between project and operational teams requires both to be properly incentivized.

Each attribute of this technology transfer can be distilled into a task list for management to monitor. The goal is to have cyber security lower risk, not increase risk by overloaded resources or inadequate training. Changes to the cyber security operations environment should be constant, but the corresponding level of communication should be equally constant. I call this stage of the process “operationalization.

Deploying new cyber security features alongside existing tools requires steady, operational review. Periodic discussions facilitate the most efficient pathway while measuring impact on current resources. Technical implementation sessions should follow the higher-level architecture and planning meetings with specific task-oriented agendas.

Shared experiences foster team growth and provide a platform to understand cyber risk and find efficiencies to stretch limited budgets. External security engineering and architecture services vendors can also be hired to collaborate and ensure best practices.

Operationalization is vital to those enterprises that digest and use new features to lower risk. Well-aligned teams are in the best position to create higher efficiencies. Empower these teams and ask their opinion as a continuous feedback loop. They are the front line of risk management in your organization. Cyber security is part of everything we do today, and it is, at its core, a team-oriented effort.

If you would like to talk more about operationalization with Stygian Vortex Security Consultants, please contact us at inquiries@stygianvortex.com

Keith Glynn http://www.stygianvortex.com
Previous

Guest Post: On Career Change
Next

Are Professional Associations Withering or Thriving? It Depends.