Cyber Security: Team Culture and Attitudes Towards SOCs
The world of IT is constantly evolving and as a result of this, the importance of effective cyber security is increasing. In late March I hosted an exclusive roundtable with cyber security leaders from the North West to discuss key challenges and solutions around cyber security, including team culture and structure, business attitudes, and outsourced services.
Below I have recapped some of the key points around these topics, but please get in touch for the full whitepaper by emailing jake.adshead@maxwellbond.co.uk or contacting us via our website at www.maxwellbond.co.uk.
Why is Great Team Culture in Cyber Security Important?
Cyber Security is already difficult to hire for. It’s common knowledge that demand for cyber security talent outweighs the supply. Therefore, businesses need to be doing everything in their power to retain their top cyber talent. Having a toxic culture is the easiest way to lose great staff, and deter potential candidates from even considering joining your company.
Cyber teams should have a culture underpinned by respect, transparency, and collaboration, supported by exceptional communication, training, and leadership. The biggest problems within cyber security teams, seem to be blame-culture, micromanagement, and poor communication. Left to manifest these issues cause deterioration of trust, loss of respect, and erosion of motivation and desire to stay with the business. Culture should be a priority.
Problematic Business Attitudes towards Cyber
Common gripes I hear from cyber leaders is that other business executives view cyber security as northing more than a cost centre. SOC teams have the difficult job of reviewing all business plans and intentions so they can identify impracticability and any issues with emerging vulnerabilities. Other business departments therefore often see SOC teams as ‘business blockers’ because on occasion they won’t be able to sign off on plans.
To tackle this problematic attitude towards cyber security, cyber leaders should use facts, statistics, costings, and real case studies of known cyber hacks and attacks, to demonstrate the real cost of not having cyber security. This will therefore illustrate how cyber security is not a cost centre, but rather a profit protector. Embedding security professionals into other teams in the business can also help improve communication across departments.
Advantages and Disadvantages of Outsourced SOCs
There seems to be really contrasting opinions on outsourcing SOCs, with the benefits of cost, labour, and convenience clashing with concerns over quality, knowledge of the company, and investment in the business success. Seemingly business size and cyber budgets often contribute to this decision primarily. Businesses with small or no cyber teams might have to outsource their cyber function out of necessity, whilst businesses with more cyber investment might prefer to keep this in-house.
This really seems to differ from one company to the next, but I am really keen to hear your opinions and experiences with outsourcing, as well as how your cyber teams are structured, run and perceived in the wider business. As cyber security becomes increasingly important, I think it’s fundamental that we continue to share knowledge on these challenges and issues, so together as a cyber community we can continue to grow stronger as a whole.
For the fulll whitepaper, email jake.adshead@maxwellbond.co.uk. If you’re interested in getting involved in future roundtables, podcasts, or our video series of ‘Two Minute Tech Talks’, please get in touch!
Partner with Maxwell Bond, Best Cyber Security Recruitment Agency 2021, Manchester & Berlin
Stay ahead of the threat with quick, effective, and efficient hiring that identifies and hires niche, top cyber talent for your business. Get in touch today.
