I recently had the opportunity to speak at a security conference where I presented the operating models that an organization can embrace when managing cyberthreats and the guiding principles associated with them. It was a great chance to share some of my experiences with the greater community and foster intellectual curiosity around an increasingly important topic.

A Shift in Approach

Maintaining a strong security posture is a dynamic challenge for any organization. It depends on many factors, which can vary over time; companies across the globe are migrating to the cloud to scale more quickly, adopting the latest technology trends to expand the digital footprint and embracing new methodologies such as DevOps to accelerate time to market and address customer expectations.

Yet companies’ operating models are bolted onto an old paradigm that is not delivering the expected value. Although there’s no one-size-fits-all approach to the question of how to best organize the next security operations model, it is often effective to start with a top-down approach involving executives to establish a common aspiration and enable the broader transformation.

The four principles identified below are distilled from the lessons learned during many security transformation journeys.

1. Define Your Goals Clearly

A cybersecurity transformation requires leaders to clearly articulate the goals and principles that are driving it. After aligning all involved parties on these goals, executives can prioritize the work to be done.

Large organizations will have many items on their agenda, so it’s vital for management to agree on what comes first according to the principles. Moreover, this clarity helps middle management become a sponsor as well, enabling deeper, better-managed initiatives that harness the full potential of all available resources.

2. Build a Strong Security Culture

A strong security culture is the foundation of an effective operating model. However, this kind of mindset requires more than just the occasional security awareness training. To ensure every single employee sees security as an intrinsic part of their responsibilities, it’s necessary to build and maintain a security culture up, down and across all levels of the organization.

Using language accessible to all parties, provide clarity around security operations. Promote it as an enabling presence that protects the business and its employees rather than as a barrier that imposes restrictions on business.

3. Create an Adaptive Organization

When the security operations team works on an island, with no connection to cross-functional business strategy, the results of their work have limited impact. Imagine the vulnerabilities created by a large IT project with no involvement or oversight from the security team.

Security should be integrated into all processes from the ground up rather than as an afterthought to the main objective. Although there’s no specific organizational model for adaptive security, creating interdepartmental teams that make integrated decisions to protect corporate information and assets is paramount. Companies achieve their goals more quickly and efficiently by joining forces rather than making fragmented, piecemeal efforts across the enterprise.

4. Partner to Strengthen Readiness and Resilience

It’s no longer possible to succeed alone. The role of many cybersecurity firms has evolved from that of a technology provider to, in many cases, a key member of the executive team.

Many companies require a trusted partner to guide their security operations centers (SOCs) through their security transformation journey and advise them on day-to-day security and threat operations. Sourcing best-in-class capabilities from partners not only allows an organization to grow with less capital, but also enables it to pursue innovation through collaboration.

Don’t Wait for Threats to Come to You

Boards and CEOs alike must reevaluate the security journey from end to end, as countless organizations in both the public and private sectors and across all industries have lost a lot due to security incidents. Transforming the old security operations model is crucial to unlocking cyber resilience capabilities that enable an organization to stay ahead in this ever-changing threat landscape.

Again, there’s no one set way to accomplish this transformation — multiple roads can lead to success. But making the right choices at the beginning of the journey is fundamental to achieving and sustaining business results.

It’s never too soon to start laying out a road map that fits your organization’s resources — people, processes, culture and technology — to set the stage for your next-generation security operations model.
