Based on the insight and relationships developed over many years, Global Knowledge has developed a best practices model of a superior cybersecurity organization—bringing our research and experience to bear and validating against hundreds of organizations, from the largest to the smallest. In studying world-class cybersecurity organizations, Global Knowledge discovered several critical characteristics that successful cybersecurity organizations all seem to share. So how does an organization like yours build a winning cybersecurity team? Let’s find out.
Step 1: Acknowledge that cybersecurity is a people problem, not a technology problem, and prioritize accordingly.
Many people assert that cybersecurity was not an issue before the advent of computers and networking. That’s true, as far as it goes. However, it is also true that every single cybersecurity attack has been initiated by a human, and every single mitigation and response was put in place by a human. Computers don’t attack computers unless told to do so by a human attacker. Systems don’t mount a defense unless configured to do so by a defender.
That’s not to disparage the important breakthroughs happening in cybersecurity products today. Every week there are new announcements of advanced biometric scanners, behavioral analytics and machine-learning based systems that can detect zero-day attacks. These do improve security. However, we believe that despite all of these advanced systems, there still needs to be human engagement to make a purchase decision, deploy and integrate them into a solution. This critical piece—the human—has the largest impact on return on investment (ROI) for cybersecurity success. A firewall or intrusion prevention system that has not been properly configured by a knowledgeable human will never work as intended.
The single best investment a cybersecurity team can make is in themselves. That investment in knowledge, skills and abilities amplifies the value of any technology solutions they deploy. According to the Global Knowledge IT Skills and Salary Report, we’ve seen a global rise in IT skills gaps, especially in cybersecurity. Decision-makers are struggling to hire qualified cybersecurity talent more so than any other functional area. And the shortage of cybersecurity professionals has been trending worse in recent years.
With hiring and outsourcing a major challenge, an investment in people is more important than ever. As Steven Covey observed in his book “7 Habits of Highly effective People,” you have to “Sharpen the Saw.” “Sharpen the Saw” means preserving and enhancing the greatest asset you have—you. The first step in building a winning team is prioritizing people.