A Cyber Team’s Most Effective Tool

The best tool that a cyber security leader will ever deploy in the defense of an enterprise is trust. It is taking the time to build relationships outside your immediate team.

If the most recent WannaCrypt malware reminds our industry of anything I hope it is this:

  1. Focus on first principles — great cyber hygiene will beat out almost any “Advanced Cyber Tool” any day of the week (patch!)
  2. Focus on inter-team relationships — It is the relationship you build in the off season that will get you the support you need at 2am.

The unsung hero of this most recent ransomware campaign that took down hospitals and government building across the world are the IT Operations teams, the ones tasked with deploying thousands of MS17–010 patches across most enterprises. Most cyber teams are setup to perform investigations and take precise protective action, but solving the actual root of the issue, installing the patch, sits with ITOps.

As a leader in cyber security, take a moment to reflect on what worked and what did not over this past weekend. You may find it is not more technology, but better relationships with your ITOps teams that would be the greatest benefit to the enterprise.

Maybe the next tool you invest in is not “machine learning, x-gen av, or threat intel magic” but a simpler and more effective patching platform that removes the crushing burden of patching from your ITOps teams.

As you do your root cause analysis this week, think what could have done differently to better protect the firm and empower the teams to be better and faster.

Having a highly effective ITOps team that works with and trusts the cyber team is not some unachievable feat, it is real, I know it exists because it happened to me this past weekend.