Cross-Functional Collaboration for Enhanced Cybersecurity: Deron Grzetich Of West Monroe On The Best Practices For Effective Cross-Functional Collaboration

An Interview With David Leichner

Emphasize collaboration, and ensure it is engrained and celebrated within company culture.

Cybersecurity is a collective endeavor, and implementing effective security measures often requires the cooperation of cross-functional teams. In the face of threats posed by malicious AI, how do product security managers foster this collaborative environment? How do they work together with various teams to build and maintain a secure digital infrastructure for their organization’s products?

In this series, we aim to learn the strategies, practices, and approaches employed by product security managers to foster cross-functional collaboration toward improved security. We’re interested in exploring the dynamics of these collaborations and how they contribute to the overall security posture of an organization. As a part of this series, we had the pleasure of interviewing Deron Grzetich.

Deron loves building things — services, people, teams — you name it. But he’s particularly passionate about building solutions for clients that help protect them from a cyber threat or cyberattack’s reputational, regulatory, and financial impact. His pragmatic yet unique approach has solved some of the most difficult cyber issues. He has helped his client build programs to remediate vulnerabilities and reduce their attack surface, leveraged machine learning and automation to improve the effectiveness and efficiency of cyber operations, and enabled companies to detect and respond to cyber threats and incidents.

He is as comfortable discussing cybersecurity issues and solutions with the C-suite and board as he is rolling up his sleeves and digging into them with front-line cyber/technical resources.

Deron joined West Monroe in 2023 from KPMG, where he was a Managing Director in the Cyber Services practice. He earned a bachelor’s degree in engineering from the University of Illinois Chicago, along with an MBA and a master’s degree in Computer, Information, and Network Security from DePaul University.

Deron remains active at his alma mater, DePaul, as adjunct faculty in the School of Computing and Digital Media, teaching graduate-level information security courses to provide those entering the industry with a head-start and skills they will use for years to come. He is a volunteer Solar System Ambassador (SSA) with NASA Jet Propulsion Laboratory, educating local communities about NASA missions and space exploration. He is a USA Hockey certified coach for a youth hockey team, one daughter plays hockey (the other volleyball), and he owns a company that produces locker room hockey banners for teams in the United States and Canada.

Thank you so much for joining us in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?

I grew up in the Chicago suburbs, and really enjoyed the dichotomy of a smaller town near the big city. The neighborhood was really active, especially for families with kids — we played sports together daily. I was surrounded by entrepreneurs and spent a lot of my childhood taking apart household appliances to see how they worked. My mom made sure to get me toys so I could constructively explore this, instead of experimenting on our house.

Looking back, I was so lucky to be in this environment at such a young age. I witnessed how much work goes into starting a business, ensuring its financial stability, and the reward it brings. Sports taught me to deal with failure, the thrill of accomplishing a goal, teamwork, and resiliency. Plus, I now coach my daughter’s hockey team. It’s been really rewarding to look back at my childhood and see how those themes are realized in my adult life.

Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.

I studied chemical engineering in college and worked for a few years in computer science and an R&D lab as a chemical engineer for a metallurgy company, But I’d always been drawn to IT, and eventually the opportunity presented itself to make the switch, so I did.

I got a job as a systems administrator that I really enjoyed. When that company moved entirely online, I had to learn cybersecurity and embrace those principles to ensure their work was secured. This is what got me into the industry, and I essentially became self-taught.

Cybersecurity wasn’t a major you could study in college when I was completing my undergraduate degree. After I made the jump into the cyber industry, there were enough people asking how a chemical engineer wound up working in cybersecurity that I opted to go back to school for a second degree. I earned my Master’s in cybersecurity from DePaul University, and eventually returned to teach as an adjunct professor.

Can you share the most interesting story that happened to you since you began this fascinating career?

Early on in my career, I oversaw deployment of an Intrusion Detection System (IDS) for my company and encountered Nimda (a virus) and Code Red (a worm). At the time, I was amazed when I saw the attacks hitting our perimeter. Our systems weren’t impacted, but it sparked my journey to learn more about offensive security, how these attacks function, why operating systems and applications were vulnerable, and how to remediate or prevent success of the attack.

This was entirely new for the industry — we’d evolved beyond phone calls tuned to a whistle frequency. It was an attack on a corporate system.

Simultaneously, I realized that because I’d learned scripting, I could simply parse the IDS logs for the attacking systems, and script an action to contain the spread. That script could connect the vulnerable systems, alert them to this infection, print copies on their default printer, and changed their background. It would then shut down the server to stop the worm, with the goal of the next person to turn it on to see those alerts via the desktop and printer.

But this well-intentioned action had unintended impacts. Even after testing, I was inadvertently shutting down hundreds of servers each evening regardless of potential viral impact. I quickly learned that we should be more vigilant to the risks of not protecting networks and systems; attackers were willing to target corporations and their resources; and there was someone on the other side of that keyboard who I was playing against.

You are a successful leader. Which three-character traits do you think were most instrumental to your success? Can you please share a story or example for each?

• As a leader, I always lead with curiosity. Cyber is constantly shifting, and attackers change — even as the motivations remain the same. It’s important that we keep ourselves curious to ensure we’re always paying attention to what’s new.
• I also prioritize motivating and rewarding people. Good leaders want to be replaced. I want to make sure my team works as hard as they can to eventually take my job. That means I’ve passed along all the knowledge I have, and they’ve built on it with their experience and perspective to take us even further.
• Lastly, I will always be transparent, lead with integrity, and remain accountable. Those are key traits I think every leader should embody.

Are you working on any exciting new projects now? How do you think that will help people?

• Currently, I’m collaborating with our M&A and private equity team at West Monroe on buy-side due diligence for cyber products. It’s a voice of the CISO market perception.
• Additionally, we’re tackling a third-party assessment of an organization’s response to an incident or data breach. It’s an outside-looking point of view to demonstrate how companies can better respond to incidents in the future. For instance, if someone was in an accident and I witnessed it, I can provide a good account of what occurred. Third-party perspective brings transparency to the process and gets people honest about what needs to be fixed in their cyber programs.

How do emerging technologies like AI and machine learning influence the risk to the cybersecurity landscape?

• AI and machine learning can be a double-edged sword — people use it for good and for evil. Microsoft has a great security co-pilot, which is a GenAI solution for defenders and responders that lowers the barrier of entry and increases the speed at which they can triage, investigate, and respond to potential incidents.
• Another compelling example is a course I taught at DePaul called Reverse Engineering Malware. You had to understand the assembly of this malicious code, then take it apart to better understand those components and what they did. It’s not as easy as it sounds, but GenAI is making those things easier. It’s a tool to understand what is happening without having to take it apart.
• The more AI and machine learning improve, the better we get at detecting anomalous behaviors, which especially applies to fraud, insider threats, and traditional external attackers.

How are emerging technologies like AI and machine learning enhancing our capabilities to protect against these risks?

• We’re not totally there yet, but we’re getting closer. When done right, these technologies make us better at detecting threat activity. Is this perceived threat a one-off issue, or does it indicate something bigger? AI and machine learning can help us answer these questions.
• From a human efficiency perspective, automation holds a lot of promise for security operations center analysts. There are a lot of manual tasks and activities that an analyst does that could be automated — you still need a human element to analyze the results and make decisions. So, this application wouldn’t replace analysts, but would make them more efficient.

Could you highlight the types of cyber-attacks that you find most concerning today, and why?

• Nation-state threats are the most concerning to me. Most developed nations have cyber warfare capabilities, particularly most developed nations. We’ve seen it being used like in Operation Olympic Games where the United States and Israel jointly took down Iranian nuclear facilities.
• Countries don’t want to get into a back-and-forth battle with access to critical infrastructure. This is best exemplified through a water treatment facility. If facilities like that are marked for a cyberattack, the results would be catastrophic and chaotic. But we work to keep those entities protected knowing they’re critical to society.

Ok, thank you. Let’s now move on to our main topic of Cross-Functional Collaboration in cybersecurity. Let’s start with a basic definition so that we are all on the same page. What exactly is Cross-Functional Collaboration?

To me, cross-functional collaboration means different areas of focus and expertise needed to reach the objective on what we need to do. You need to pull in experts across industries who have the depth of knowledge on certain topics to ensure a conclusion or objective is inclusive of their background. That collaborative nature is about setting a goal and defining what is needed to reach it. We’re aligning the diverse expertise and perspectives of a group to accomplish goal. At West Monroe, we call this our multidisciplinary approach.

Can you share a few reasons why Cross-Functional Collaboration is so critical in today’s cybersecurity threat environment?

Bringing in a cross-functional team when solving a complex problem is critical — it ensures that a solution has been pressure-tested from a variety of angles. If a threat is an immediate business need or risk, or when you’re doing something innovative — what some might call a “big hairy audacious goal.” Those goals are fraught with complexity and potential pitfalls that we as an organization need to address.

How does a leader effectively create a culture of Cross-Functional Collaboration?

The best cyber leaders I’ve worked with fostered transparent and open communications. That goes with building trust with your peers across the organization. These leaders aren’t salespeople — they’re advocates for their programs leading with emotional intelligence while demonstrating what’s important to them. They understand their peers’ positions and use that to get buy-in and collaboration across multiple departments.

Could you share any challenges you’ve encountered in promoting Cross-Functional Collaboration and how you’ve managed to overcome them?

I feel like I’ve been solving this problem for the past decade — it’s vulnerability management. There’s a deep necessity for cross-functional collaboration in these arenas between cyber and IT teams. We build these programs, but the IT teams need time and space to get them installed and enacted. We see success when the process is well-defined and created with all teams involved in its development. We identify those points where teams support each other, areas of strength and weakness, and proactively address each to be good partners.

Here is the main question of our interview. What are your “5 Best Practices for Effective Cross-Functional Collaboration”?

Teams need to:

• Define clear goals with consensus and clear understanding. This includes effectively assigning work and tracking how it needs to be done.
• Emphasize collaboration, and ensure it is engrained and celebrated within company culture.
• Prioritize conflict resolution. If you plan for conflict, it can be overcome.
• Develop effective communication channels. Every stakeholder should always know what’s always happening within their teams and on projects.
• Balance of under- and overcommunicating. It demonstrates respect for everyone’s bandwidth and how they contribute to the team.

You are a person of enormous influence. If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger.

• As a parent of two teenage daughters, I do think limiting or getting rid of social media could be a positive. Then again, I played Atari and Nintendo for hours as a kid and seem to be okay. But that was me against the computer, not individuals, groups, or corporations pushing a message, trend, or product.
• In a professional realm, I’d like to see more transparency in communications for our progress in the cyber journey. Too many CISOs respond publicly with rose-colored glasses — where everything is great, and nothing should be a concern. We need an open and honest dialogue on the challenges and proposed solutions in our industry. This goes for both the public and private sector. The new cyber strategy released by the White House gives me faith that we’re trending in the right direction, particularly as it aims to help under-resourced organizations like healthcare providers and schools with cybersecurity.

How can our readers further follow your work online?

Feel free to follow our work on WestMonroe.com.

This was very inspiring and informative. Thank you so much for the time you spent on this interview!

About The Interviewer: David Leichner is a veteran of the Israeli high-tech industry with significant experience in the areas of cyber and security, enterprise software and communications. At Cybellum, a leading provider of Product Security Lifecycle Management, David is responsible for creating and executing the marketing strategy and managing the global marketing team that forms the foundation for Cybellum’s product and market penetration. Prior to Cybellum, David was CMO at SQream and VP Sales and Marketing at endpoint protection vendor, Cynet. David is a member of the Board of Trustees of the Jerusalem Technology College. He holds a BA in Information Systems Management and an MBA in International Business from the City University of New York.