What tips or advice can you offer for improving collaboration between historically siloed security operations and IT teams? How can you begin building bridges between them to have better teamwork on things like vulnerability remediation?
Sort By:
Oldest
CIO in Educationa month ago
I'm going to highly recommend Keith Ferrazzi's new book - Never Lead Alone - the book will explain how to shift from leadership to teamship. People need to be candid and accountable to and with each other as a start, and you can begin building teamwork and trust if you have some of those foundational elements in place.Director of IT in Softwarea month ago
Start by aligning both teams on shared objectives, clearly defining how their combined efforts contribute to overall goals like reducing risk and enhancing system reliability. Establish dedicated cross-functional teams or task forces that include members from both security and IT to promote regular communication and collaboration on joint initiatives.Implement regular communication channels, such as weekly or bi-weekly meetings, to discuss ongoing projects, challenges, and updates. Use these meetings to foster open dialogue, share insights, and address issues promptly. Develop and document standardized processes for handling vulnerabilities, incidents, and security protocols collaboratively, ensuring that both teams follow the same procedures to streamline efforts and reduce misunderstandings.
Leverage integrated tools and platforms that facilitate collaboration, ensuring that both teams have access to tools for incident management, ticketing, and vulnerability tracking. Encourage cross-training sessions where members of each team learn about the other's roles, challenges, and objectives to foster empathy and understanding.
Clearly outline and communicate the roles and responsibilities of each team in security operations and IT management, avoiding overlaps and ensuring that each team understands their specific contributions. Establish and agree upon clear escalation procedures for high-priority vulnerabilities or incidents to ensure timely resolution and minimize confusion.
Promote a culture of collaboration by recognizing and rewarding joint successes, encouraging teamwork through problem-solving exercises, and celebrating achievements resulting from effective collaboration. Finally, use shared metrics and reporting tools to track progress on vulnerability remediation and other security activities, providing transparency and helping both teams understand the impact of their efforts and identify areas for improvement.
Director of IT in Banking14 days ago
I recently addressed this in a presentation to our Project Management Office and IT Services Office. I emphasized that they should view my group and myself as providers of security services. We’re here to help them incorporate security into their work, so if they encounter difficulties, we are always available to coach and enable them. But our ultimate goal is for them to be able to manage this independently, integrating security, continuity and compliance.One practical approach is collaborating with IT development teams to implement security by design. For example, our architect has chosen Microsoft Azure as the leading platform for the future. We identify basic security elements within the Azure platform and assist the teams with configuring them. We guide them on the best practices, highlighting the security settings they should implement, and then they work it out themselves based on our guidance. Instead of the IT security team being called upon every time development teams need help integrating security, we provide guidance upfront so that the teams can handle these tasks independently going forward.