3 Tips to Encourage Collaboration In Your Organization's Security Processes

by Brad Garland

While information security has assumed top priority in many organizations, the steps that enterprises take to strengthen their overall cybersecurity often focus solely on improving the technology and processes involved in those efforts. Unfortunately, such a heavy focus on the technical mechanics of cybersecurity neglects the human side of the equation. This is especially true when it comes to strengthening the collaboration between security-oriented departments and the rest of your policy management

Indeed, studies show that the strength of your security protection potential drops when your organization experiences a widening gap between business leaders and security programs. In a survey conducted in September 2015, only 15 percent of IT security professionals described their organization's collaboration as excellent, while more than 30 percent described it as poor or non-existent. That lapse can have serious consequences as the cost of cybercrime continues to climb.

Faced with such a clear disconnect between personnel and process, what can your enterprise do to improve the situation? These three tips to boost collaboration are a good place to start.


1. Make Someone Accountable for Security

Too often, organizations become fixated on trying to decide who handles security more effectively, the chief information officer (CIO) or the chief information security officer (CISO). But ultimately, that question doesn't matter. It's likely that both organizational structures are perfectly capable of managing information security, so the real question is simply who is accountable for it?

Even if it means arbitrarily assigning final authority to the CIO over the CISO, or vice versa, the primary goal should be to make sure that someone is clearly and visibly accountable for your enterprise's security.

2. Communicate Security More Effectively

It's easy for security professionals to get lost in "trade-speak" when communicating with other departments. But relying on jargon and inscrutable terminology can make it impossible for business leaders and non-tech personnel to understand the points being made, and that lack of effective communication puts your security at risk. Additionally, clearly understood communication is a key component of ensuring that cyberdefense initiatives receive proper support and financial backing from your organization's leadership.

3. Focus on the Right Metrics

Security professionals often rely too much on compliance-related metrics, and that makes it difficult for business leaders to fully grasp the business implications of an effective cybersecurity program.

Instead of focusing solely on just being compliant, cybersecurity professionals should work to relay true indicators of their program's effectiveness. You can do this by focusing on areas that provide clear benefits, such as threat detection measures that directly increase your firm's data security.

Contact Vala Secure for more information about how to encourage collaboration in your firm's information security efforts.
Free eBook. Reduce cybersecurity risk in your financial institution. Download now.