• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » Security » Why the cybersec lone wolf myth needs changing

Why the cybersec lone wolf myth needs changing

by Adi Gaskell
9 January 2020
in Security
0
cybersecurity collaboration
0
SHARES

For generations, computing experts have had a reputation as being somewhat socially awkward, which tends to result in them preferring the company of their computer to other human beings (in the flesh at least).  

While such caricatures are pervasive, what is the reality of cybersecurity in our organizations?  Is there a best approach to ensure cybersecurity is deployed successfully? As the remainder of this article will show, there are times when solitary work is ideal, and times when a more cooperative approach is crucial. The evidence for a solitary approach comes via a study undertaken by the U.S. Army Research Laboratory, which explored how often the best performing cybersecurity teams actually interacted with one another.

The focus of the research was the Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC), which is an annual competition, now in its 14th year, which aims to test the cybersecurity skills of college and university students in a lifelike war game style competition.  Each of the teams in the competition was scored across four key performance measures as they attempted to defend their networks from an array of attacks that were designed to replicate those experienced in the real world on critical infrastructure.

Not only were teams required to maintain networked services, but they were also graded on their ability to respond to events as they unfolded during the competition, as well as to particular tasks that were assigned to them from a ‘CEO’ figure.  Last, but not least, they were tasked with filing incident reports on the various attacks to the relevant authorities.

As well as rating teams across these four metrics, each participant was also required to wear Sociometric Badges, with each lanyard tracking the interactions had between team members.  The researchers also assessed various leadership-related areas, such as the distribution of tasks and communication style via a questionnaire that was distributed to each individual at the end of the competition.

Clearly defined roles

So what features characterized the best teams?  Across the competition, it seemed that the best teams succeeded despite (or because of) having relatively few interactions between team members.  The most successful teams also had extremely effective leadership, with each individual in the team fulfilling a clear functional role.  Far from bolstering performance, however, face-to-face interactions appeared to have an adverse effect.

The researchers believe this lack of communication was effective because they were able to function in a clear manner, with individuals all easily identifiable for both their position and the roles they had in the team.  This enabled them to work well despite doing so largely independently of each other, as their collective goals and their contributions towards them were well established.

The authors believe their findings are important because they believe most cybersecurity training today focuses largely on technical skills rather than the way people will work effectively together as a team.  The results from the MACCDC clearly show that management style and structure is vital if our cybersecurity teams are to work well together, but that extensive cooperation is not required.

The case for collaboration

A second study, this time by IT security company LogRhythm, highlights the ways in which collaboration can actually be effective.  They quizzed around 1,500 security professionals to explore their confidence in the ability of their organization to withstand cyber attacks.  The results were not particularly positive, with just 15% reporting high levels of confidence, with the researchers complaining that the numerous high profile hacks in recent years appear to have done little to encourage firms to get their act together.

It’s here that a collaborative approach could be vital, as the ongoing arms race between increasingly sophisticated hackers can render organizations vulnerable if they don’t work together.  This desire for cooperation on cybersecurity was one of the main factors behind the creation of the Charter of Trust by industrial giant Siemens.

The Charter has secured support from industry leaders ranging from Cisco and IBM to Airbus and Daimler, and the group have joined together along three core objectives:

  1. Protect the data of individuals and companies
  2. Prevent damage to people, companies and infrastructure
  3. Create a reliable foundation on which confidence in a networked, digital world can take root and grow

One of the first areas the consortium is looking to address is the security of supply chains.  It’s an area where they believe around 60% of cyberattacks currently take place, and undermines the effectiveness and confidence in supply chains.  They’ve established shared and common standards that can be rolled out across the digital supply chain.

The consortium believes that such is the growing complexity of the digital supply chain that it’s in the mutual interests of all stakeholders to work collectively on ensuring that networks remain as robust, secure and reliable as possible.

These two examples highlight perhaps the ideal combination of cooperation and solitary activity in delivering the highest quality cybersecurity.  With networked systems, it’s vital that industry works together to ensure common standards and approaches, but once that purpose is determined, a more isolated approach is often the best way of delivering at a local level.

With cybercrime estimated to cost around €500 billion per year, it’s clear that a fresh approach is needed if the figures identified by LogRhythm are to be improved upon.  Hopefully, this article will go some way towards providing the direction required to do so. It will be followed by more leadership-related pieces to help cybersecurity leaders overcome the various pitfalls lying in wait for them in the coming weeks.

ShareTweetShareShare

Related Posts

Covid-19 vaccine

Covid vaccines are now an excuse to launch phishing attacks

22 January 2021
MyFreeCams data leaked on hacker forum

MyFreeCams hack: 2 million user records stolen from top adult streaming site and sold on hacker forum

21 January 2021
Nohow International leaks sensitive worker data

12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency

19 January 2021
Telegram app on mobile

Watch out: there’s a new Telegram scam about

15 January 2021
Next Post
driverless tech

Driverless tech should care about cybersecurity. Here’s why

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    83031 shares
    Share 83021 Tweet 0
  • Facebook is tracking you: learn how to delete all Facebook data

    56 shares
    Share 56 Tweet 0
  • How to find what Google knows about me and get back my privacy?

    0 shares
    Share 0 Tweet 0
  • ProtonMail review: have we found the most secure email provider in 2021?

    69 shares
    Share 69 Tweet 0
  • Most common passwords: latest 2021 statistics

    381 shares
    Share 381 Tweet 0
Elon Musk

Elon Musk to offer $100 million prize for ‘best’ carbon capture tech

22 January 2021
Is there life on Mars?

Is there life on Mars?

22 January 2021
Covid-19 vaccine

Covid vaccines are now an excuse to launch phishing attacks

22 January 2021
Alphabet shutting Loon, which used balloon alternative to cell towers

Alphabet shutting Loon, which used balloon alternative to cell towers

22 January 2021
what is wireguard

WireGuard protocol: everything you need to know

22 January 2021
Parler loses bid to require Amazon to restore service

Parler loses bid to require Amazon to restore service

22 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • In the News
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!