Connect security stakeholders through communication, collaboration and cross-organizational workflows
Security conversations aren’t confined to the SOC; they’re happening in boardrooms, on investor calls and in customer communications. The new reality is
that security is everybody’s business, and that means communication and collaboration around security is more important than ever before. Yet, too often,
different business constituents aren’t speaking the same language when it comes to security. They may have different definitions of compliance, have opposing
views on what constitutes a serious threat or simply disagree on which security initiatives are most important for the future. And these differences create a
breakdown in communication and collaboration.
The first step for organizations is to establish a common security language. Some of this may involve education, such as defining the difference
between a data breach and data exfiltration. Much of the commonality can be communicated through shared data and metrics, so that everyone can quickly get on
the same page. Security analysts will find they collaborate better when Level 1 analysts have visibility into Level 2 and Level 3 analyst responsibilities so
they can better assist them. CSOs and SOC managers will find they meet with less resistance on budget requests when they can have informed conversations with
the CIO, CEO and CFO.
As part of this process, organizations should identify who owns the security responsibilities within each organization. Assigning points of contact in each
appropriate department (e.g., finance, public/investor relations, marketing, legal) will allow organizations to complete their playbook for events such as a
data breach and ensure that each department has the information it needs to react and respond in a timely manner. This becomes increasingly
important as organizations take next steps after attack discoveries, from communicating with customers to filing compliance reports with regulatory agencies.