How to Structure a Cybersecurity Team

Cybersecurity is a growing concern, and best practices, tools, and threats are increasingly complex. For example, some organizations are managing thousands of devices that are IP-connected so IP address management (IPAM) is a top priority along with everything else.

These pressures are requiring that organizations build-out their cybersecurity team, but even so, around half of midmarket companies have little if any strategy at all.

The following are things to know and tips to beef-up and structure a cybersecurity team that’s going to be able to meet modern challenges.

Create An Internal Pipeline

The number of skilled cybersecurity specialists is significantly lagging behind the demand for these talented professionals. According to the Bureau of Labor Statistics, almost a quarter of a million jobs in cybersecurity were unfilled in 2015, and that’s a number likely to continue growing.

One option to combat the lack of talent in the cybersecurity field is to start building from the inside.

If you have people who currently work on cybersecurity in any capacity, think about paying for them to undergo the training and education necessary to meet your organization’s needs.

Post open cybersecurity positions internally first and see if there’s any interest.

You do have to remember that cybersecurity roles pay well, and you want to ensure that you’re representing that with the salary you pay your staff, even if you recruit them from within the organization.

The benefit of hiring from within, along with the ability it gives you to build your own talent pipeline and have more control over a challenging situation is that these are employees who already understand your business and beyond the technical skills they might need to learn, culturally and logistically they’ll be ready to hit the ground running.

Even when hiring primarily from within or turning to internal employees first, you will inevitably need to hire outside as well. You have to think about your employer brand specifically as it pertains to cybersecurity.

You’ll need to be able to show that you’re willing to invest in the newest technology and best practices.

A good cybersecurity professional is going to need to know that you are dedicated to tools, analysis, and execution. They’ll also want to see that you’re willing to invest not only in technology but also in human capital.

Be Flexible

When you’re building and structuring a cybersecurity team, with the serious shortage of talent, you’re going to have to be flexible. Don’t limit yourself geographically, for example.

Hire outside your geographic range if it works out and let employees work remotely.

As was briefly touched on, you should also deliver career development opportunities. Cybersecurity teams can become stagnant very quickly, and their skills can be obsolete, but if you have a flexible culture of continual development, you can reduce this risk.

Your Team Needs to Have Specialized Members Who Are Comfortable Collaborating

When it comes to structuring a cybersecurity team, there are two things that need to happen, and sometimes these goals can seem oppositional to one another.

First, your team needs to include specialized with very specific expertise in areas including cloud computing, mobile device security, and network management.

At the same time, there has to be collaboration because all of the elements of your cybersecurity strategy have to work together.

Collaboration and teamwork in cybersecurity can help with more rapid identification of emerging threats, and knowledge-sharing can strengthen strategies.

Structuring the Team

When you’re structuring your cybersecurity team, you have to understand the fact that cybersecurity is everyone’s responsibility.

It starts at the highest level, and senior management is responsible for creating priorities and helping frame the culture, but every single employee plays a role.

Depending on your organization, you may have a CISO or CSO, and perhaps that’s you. That role is about taking an overall look at risks and not only developing but also implementing plans that minimize existing risks.

A CISO/CSO should show a commitment to security and keep everyone aligned on a security culture. A CSO develops a roadmap and can honestly look at where improvements need to be made in security strategy.

As a CISO/CSO, honesty is imperative as far as the threats the organization faces, but it’s important to resist the urge to overdramatize them to get funding or hammer a point home. Your efforts will crumble because what you say will stop resonating.

Everyone organization’s specific structure might vary somewhat depending on factors like size and industry, but some of the roles and responsibilities that typically exist include:

  • Software development is important for cybersecurity because it can help you bring in someone with a set of knowledge and skills you might have to otherwise go to a third-party.
  • Monitoring issues and catching them quickly are imperative, and this is where you’ll fill roles relating to threat intelligence and detection as well as incident management.
  • Risk mitigation works on auditing and strengthening of controls.
  • Without data analytics, it’s difficult to have the actionable information you need for decision-making.

You could also look at the structure of IT teams as analysts, engineers, architectures, and developers/coders.

Analysts look at threats and then recommend solutions to combat them.

Engineers monitor security, do analysis, and explore new ways to get information.

Architects design security systems and, in some cases work on implementing and administering them.

Software developers and coders create the tools needed to fully monitor threats and administer network-wide solutions.

Building a cybersecurity team is difficult from many different standpoints. For example, it’s tough to find the talent you need, and you need to support and cultivate a culture of constant development. You also have to ensure the team is collaborating effectively, and you need to be accountable to the board and senior executives.

When you do focus on structure and building out a great team, the advantages can be tremendous. It’s one of the most important things for a business to be competitive in a modern environment where cybersecurity is a growing threat.