Taking a team approach to cybersecurity

By Tim Brown, Dell Fellow and Executive Director, Security, Dell Software Group, Dell

In previous posts we looked at the increasing demand for cybersecurity professionals and forces that are exacerbating the shortage of security talent. We identified one of the key reasons for this shortage: organizations need well-rounded security professionals, who combine a varied set of skills and characteristics, from technical certification to effective communications and end-user empathy. And the truth is, there aren’t many of them out there.

With more than 209,000 unfilled security jobs in the U.S., you can’t hold your breath waiting for certified security professionals loaded with soft skills to walk through the door; candidates with such credentials are very valuable , so if you find one, grab hold and don’t let go. But sometimes, finding, evaluating and developing talent in the face of a shortage like this means getting creative. It may mean assembling teams of people with complementary talents and skills who can work well together and help create a culture of information security.

That doesn’t mean you can scrimp on the basics. Strong cybersecurity teams will always need folks who understand how to protect the network, the endpoints and the data while ensuring proper identity and access management. But pairing an MBA with a GIAC-certified specialist, for example, can form a whole that’s greater than the sum of its parts.

While the role of cybersecurity professionals continues to evolve as information security increasingly becomes a business enabler, the essential team building blocks, both hard and soft, remain the same—technical expertise, analytical and diagnostic skills, innovative and collaborative thinking, adaptability, active listening, good communications, business savvy, and industry expertise. Building cross-disciplinary teams like this, rather than trying to find all these qualities in one person, can actually improve decision-making. (Voluminous studies have confirmed the wisdom of crowds.) And as the shortage drives up the cost of certified cybersecurity specialists, teams with diverse backgrounds and skill sets can be a cost-effective approach as well.

Plus, well-constructed teams will grow together, both as an efficiently functioning group and as individuals. Over time, team members will learn from each other, so the technology practitioners gain business acumen and communications skills, while the business analysts develop fluency in security technologies and risk mitigation. In the long term, the multiplier effect will produce more well-rounded cybersecurity pros, and may just be a solution to the current talent shortage.

In my next post, I’ll explore how future-ready enterprises can find and cultivate these cybersecurity teams of tomorrow, and offer a few examples of how we approach the issue at Dell.  

What does your cybersecurity dream team look like?

About the Author: Power More