Cybernews
  • News
  • Editorial
  • Security
  • Privacy
    • What is a VPN?
    • What is malware?
    • How safe are password managers?
    • Are VPNs legal?
    • More resources
    • Strong password generator
    • Personal data leak checker
    • Antivirus software
    • Best VPN services
    • Password managers
    • Secure email providers
    • Best website builders
    • Best web hosting services
  • Follow
    • Twitter
    • Facebook
    • YouTube
    • Linkedin
    • Flipboard
    • Newsletter

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

Our readers help us create quality content. If you purchase via links on our site, we may receive affiliate commissions. Learn more

Home » Security » Why the cybersec lone wolf myth needs changing

Why the cybersec lone wolf myth needs changing

by Adi Gaskell
9 January 2020
in Security
0
cybersecurity collaboration
0
SHARES

For generations, computing experts have had a reputation as being somewhat socially awkward, which tends to result in them preferring the company of their computer to other human beings (in the flesh at least).  

While such caricatures are pervasive, what is the reality of cybersecurity in our organizations?  Is there a best approach to ensure cybersecurity is deployed successfully? As the remainder of this article will show, there are times when solitary work is ideal, and times when a more cooperative approach is crucial. The evidence for a solitary approach comes via a study undertaken by the U.S. Army Research Laboratory, which explored how often the best performing cybersecurity teams actually interacted with one another.

The focus of the research was the Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC), which is an annual competition, now in its 14th year, which aims to test the cybersecurity skills of college and university students in a lifelike war game style competition.  Each of the teams in the competition was scored across four key performance measures as they attempted to defend their networks from an array of attacks that were designed to replicate those experienced in the real world on critical infrastructure.

Not only were teams required to maintain networked services, but they were also graded on their ability to respond to events as they unfolded during the competition, as well as to particular tasks that were assigned to them from a ‘CEO’ figure.  Last, but not least, they were tasked with filing incident reports on the various attacks to the relevant authorities.

As well as rating teams across these four metrics, each participant was also required to wear Sociometric Badges, with each lanyard tracking the interactions had between team members.  The researchers also assessed various leadership-related areas, such as the distribution of tasks and communication style via a questionnaire that was distributed to each individual at the end of the competition.

Clearly defined roles

So what features characterized the best teams?  Across the competition, it seemed that the best teams succeeded despite (or because of) having relatively few interactions between team members.  The most successful teams also had extremely effective leadership, with each individual in the team fulfilling a clear functional role.  Far from bolstering performance, however, face-to-face interactions appeared to have an adverse effect.

The researchers believe this lack of communication was effective because they were able to function in a clear manner, with individuals all easily identifiable for both their position and the roles they had in the team.  This enabled them to work well despite doing so largely independently of each other, as their collective goals and their contributions towards them were well established.

The authors believe their findings are important because they believe most cybersecurity training today focuses largely on technical skills rather than the way people will work effectively together as a team.  The results from the MACCDC clearly show that management style and structure is vital if our cybersecurity teams are to work well together, but that extensive cooperation is not required.

The case for collaboration

A second study, this time by IT security company LogRhythm, highlights the ways in which collaboration can actually be effective.  They quizzed around 1,500 security professionals to explore their confidence in the ability of their organization to withstand cyber attacks.  The results were not particularly positive, with just 15% reporting high levels of confidence, with the researchers complaining that the numerous high profile hacks in recent years appear to have done little to encourage firms to get their act together.

It’s here that a collaborative approach could be vital, as the ongoing arms race between increasingly sophisticated hackers can render organizations vulnerable if they don’t work together.  This desire for cooperation on cybersecurity was one of the main factors behind the creation of the Charter of Trust by industrial giant Siemens.

The Charter has secured support from industry leaders ranging from Cisco and IBM to Airbus and Daimler, and the group have joined together along three core objectives:

  1. Protect the data of individuals and companies
  2. Prevent damage to people, companies and infrastructure
  3. Create a reliable foundation on which confidence in a networked, digital world can take root and grow

One of the first areas the consortium is looking to address is the security of supply chains.  It’s an area where they believe around 60% of cyberattacks currently take place, and undermines the effectiveness and confidence in supply chains.  They’ve established shared and common standards that can be rolled out across the digital supply chain.

The consortium believes that such is the growing complexity of the digital supply chain that it’s in the mutual interests of all stakeholders to work collectively on ensuring that networks remain as robust, secure and reliable as possible.

These two examples highlight perhaps the ideal combination of cooperation and solitary activity in delivering the highest quality cybersecurity.  With networked systems, it’s vital that industry works together to ensure common standards and approaches, but once that purpose is determined, a more isolated approach is often the best way of delivering at a local level.

With cybercrime estimated to cost around €500 billion per year, it’s clear that a fresh approach is needed if the figures identified by LogRhythm are to be improved upon.  Hopefully, this article will go some way towards providing the direction required to do so. It will be followed by more leadership-related pieces to help cybersecurity leaders overcome the various pitfalls lying in wait for them in the coming weeks.

ShareTweetShareShare
Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's choice

500M LinkedIn user records sold on hacker forum
News

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

by CyberNews Team
6 April 2021
5

We updated our leak checker database with more than 780,000 email addresses associated with this leak...

Read more
LinkedIn, FB, Twitter, Clubhouse apps seen on an iPhone

Recent Facebook, LinkedIn and Clubhouse leaks explained

15 April 2021
Cheapest tool to kill satellites? A computer

Cheapest tool to kill satellites? A computer

13 April 2021
A gift to criminals and tyrants? Soon, wireless devices could become object sensors

A gift to criminals and tyrants? Soon, wireless devices could become object sensors

13 April 2021
“Not ideal” from a privacy standpoint: Clubhouse API lets “anyone” scrape public user data

“Not ideal” from a privacy standpoint: Clubhouse API lets “anyone” scrape public user data

12 April 2021
  • Categories
    • News
    • Editorial
    • Security
    • Privacy
  • Reviews
    • Antivirus Software
    • Password Managers
    • Best VPN Services
    • Secure Email Providers
    • Website Builders
    • Best Web Hosting Services
  • Tools
    • Password Generator
    • Personal Data Leak Checker
  • Engage
    • About Us
    • Send Us a Tip
    • Careers
  • Twitter
  • Facebook
  • YouTube
  • Linkedin
  • Flipboard
  • Newsletter
  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.
Subscribe For Security Tips And CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Our Privacy Policy and Terms & Conditions

Home

News

Editorial

Security

Privacy

Resources

  • About Us
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.