What makes a lean security team tick

  • Adaptability: Cybersecurity, like any other discipline, is a conglomeration of several different activities that, in one way or another, aim to keep an attacker from reaching their goal. When an organization is working with big budgets, it has the flexibility to build out a security team where analysts focus on any of these specific activities. For instance, you may have analysts focusing specifically on managing firewalls and network protection systems while others only concentrate on endpoints. In lean security teams, however, the flexibility to specialize does not exist. While you may still have members of the team who have deep expertise in a specific aspect of cybersecurity, they do far more than just handle security issues that fall inside that area. This adaptability enables the lean security team to deliver the security outcomes required by the business.
  • Selflessness: As a person who grew up playing organized sports, football specifically, I learned early on that the team’s goals were far more important than any specific goals I had in mind. When the team succeeded, I succeeded. And for the team to succeed, I had to do my job every day. We find this selflessness in many lean security teams. In the lean security team, everyone is at the ready to help anyone struggling with an incident. When any analyst wins, with the team’s help, everyone wins. That’s all that matters.
  • Working Smarter, Not Harder: Finally, when looking at a lean security team, we often find a management team that takes the maxim, “work smarter, not harder,” to heart. This management team is always looking for ways to minimize the manual workload on their teams, to squeeze everything they can out of their team. One great way to see that you are working with a highly effective lean security team is by reviewing the tools they use to get the job done. You will no doubt find that anything that can be automated has been automated, from data collection to threat detection and, ultimately, incident response. These teams use security products that require minimal custom configurations and can offer value right out of the box. For instance, while their automated response capabilities may not be as sophisticated as you could achieve with a complex stand-alone SOAR product, they enable the lean security team to stop and mitigate threats as quickly as possible, which is their goal.

Stellar Cyber

Stellar Cyber’s Open XDR platform delivers Everything Detection and Response by unifying all currently disjointed security tools and data sources.