The Changing Structure of Cybersecurity Teams

Businesses in every sector have been changed dramatically by digital technologies over the last decade. The rate of change is staggering, when you consider that twenty years ago Wi-Fi was still in its infancy, giving us speeds of just 11Mbit/s (that’s just 1.375 Mbps by today’s standards)!

Now, with the ubiquity of the internet, readily available Wi-Fi, and speeds so fast that even the slightest delay has us rolling our eyes, the business landscape has changed. While this change has driven a profound transformation for the enterprise, it’s also enabled a whole new wave of sophisticated cybercrime.

Cyber-criminals are constantly looking for new attack vectors, and are enjoying this wave of change. However, for the people charged with protecting businesses and consumers from these attacks, it is a constantly shifting battleground.

The changing landscape
Traditionally, the cybersecurity function within a business sat in the IT team, overseen by a CTO or CIO. Now, as businesses react to these changes in the digital landscape - broadly known as digital transformation - we’re seeing a flatter style of cybersecurity team.

Businesses are hiring employees who specialize in different types of security, reflecting the ever-increasing number of ways businesses connect to the online world.

For example, in the last ten years we’ve seen deployment of the Internet of Things (IoT) grow. This completely changed the network infrastructure of the average enterprise. Now it’s not just desktop machines and printers that are talking to the outside world, but also thermostats, cameras, signs, access controls, fridges, coffee machines and more. This has made business networks more complex, with many additional nodes on the system, and therefore harder to defend.

Now, a one-size-fits-all approach to cyber is ineffective. Instead, businesses are bringing in specialists who have the relevant security experience relating to a certain business area. A business involved in manufacturing, for example, may bring in somebody who has experience defending industrial systems. Attack vectors for criminals vary depending on what they target, so having specialists is key.

Looking at the bad guys
One of the biggest problems that cyber teams face is how fast criminals are able to move. They don’t follow the rules, and this means that they’re able to act in a much more agile way than their opposite numbers often do.

Many businesses still consider classroom-based training, PowerPoint slides and annual refresher sessions as a tick-box exercise; something that simply helps them be compliant. The truth is that, in the fast-moving world of cyber, anything learned in a classroom is often redundant the moment you leave it.

This old compliance-style information security program is becoming less relevant, with many organizations now hungry for substantive, deep technical expertise in information security architecture and engineering.

In order to rise to the challenge, and ensure every line of business is safe, security teams need to behave like the bad guys. 

For example, more than ever, businesses are looking to red team security professionals who can proactively test networks for weaknesses, and IoT security professionals who can help deploy hardware in a secure way.

This shift requires buy-in and support from the very top of the business. It’s a step away from the norm, and every board needs somebody who can lead from a strategic standpoint as well as understand the technical side of securing an enterprise.

Hiring at the top
To accommodate these changes at a board level, more and more CISOs act as facilitators between those responsible for security from a technical standpoint and the board, while also offering strategic advice on long-term security posture.

They are also hiring people from public sector (both government and military) positions, who will be used to tackling cybercrime on the frontline. These sorts of hires are desirable for businesses, which are keen to employ people who have first-hand experience.

In this new age of cybersecurity, the types of hires businesses are looking to make are changing too. They are no longer just looking for those with degrees in computer science or physics. Instead, they are looking to architecture or engineering professionals, who have experience in complex systems, and an understanding of how they interconnect. This helps as they attempt to tackle the complex networks that digitized businesses have, with thousands of points of access to the online world.

We are in a rapid state of change. The threat landscape for businesses is only going to grow more and more complex, and the role of the CISO and security teams will continue to evolve. Businesses must respond, or run the risk of a damaging cyberattack that could take months to recover from, if they can recover at all.
