I recently had the opportunity to speak at a security conference where I presented the operating models that an organization can embrace when managing cyberthreats and the guiding principles associated with them. It was a great chance to share some of my experiences with the greater community and foster intellectual curiosity around an increasingly important topic.

A Shift in Approach

Maintaining a strong security posture is a dynamic challenge for any organization. It depends on many factors, which can vary over time: companies across the globe are migrating to the cloud to scale more quickly, adopting the latest technology trends to expand their digital footprint and embracing new methodologies such as DevOps to accelerate time to market and address customer expectations.

Yet companies’ operating models are bolted onto an old paradigm that is not delivering the expected value. Although there’s no one-size-fits-all approach to the question of how to best organize the next security operations model, it is often effective to start with a top-down approach involving executives to establish a common aspiration and enable the broader transformation.

The four principles identified below are distilled from the lessons learned during many security transformation journeys.

1. Define Your Goals Clearly

A cybersecurity transformation requires leaders to clearly articulate the goals and principles that are driving it. After aligning all involved parties on these goals, executives can prioritize the work to be done.

Large organizations will have many items on their agenda, so it’s vital for management to agree on what comes first according to the principles. Moreover, this clarity helps middle management become a sponsor as well, enabling deeper, better-managed initiatives that harness the full potential of all available resources.

2. Build a Strong Security Culture

A strong security culture is the foundation of an effective operating model. However, this kind of mindset requires more than just the occasional security awareness training. To ensure every single employee sees security as an intrinsic part of their responsibilities, it’s necessary to build and maintain a security culture up, down and across all levels of the organization.

Using language accessible to all parties, provide clarity around security operations. Promote it as an enabling presence that protects the business and its employees rather than as a barrier that imposes restrictions on business.

3. Create an Adaptive Organization

When the security operations team works on an island, with no connection to cross-functional business strategy, the results of their work have limited impact. Imagine the vulnerabilities created by a large IT project with no involvement or oversight from the security team.

Security should be integrated into all processes from the ground up rather than treated as an afterthought to the main objective. Although there’s no specific organizational model for adaptive security, creating interdepartmental teams that make integrated decisions to protect corporate information and assets is paramount. Companies achieve their goals more quickly and efficiently by joining forces rather than making fragmented, piecemeal efforts across the enterprise.

4. Partner to Strengthen Readiness and Resilience

It’s no longer possible to succeed alone. The role of many cybersecurity firms has evolved from a provider of technology to, in many cases, a key member of the executive team.

Many companies require a trusted partner to guide their security operations centers (SOCs) through their security transformation journey and advise them in day-to-day security and threat operations. Sourcing best-in-class capabilities from partners not only allows an organization to grow with less capital, but also enables it to pursue innovation through collaboration.

Don’t Wait for Threats to Come to You

Boards and CEOs alike must reevaluate the security journey from end to end, as countless organizations in both the public and private sectors and across all industries have lost a lot due to security incidents. Transforming the old security operations model is crucial to unlocking cyber resilience capabilities that enable an organization to stay ahead in this ever-changing threat landscape.

Again, there’s no one set way to accomplish this transformation — multiple roads can lead to success. But making the right choices at the beginning of the journey is fundamental to achieving and sustaining business results.

It’s never too soon to start laying out a road map that fits your organization’s resources — people, processes, culture and technology — to set the stage for your next-generation security operations model.
