Sharing is caring: collaboration and communication in cyber.
Those of you that work in technology, regardless of the specific area, all share the common language of security concerns. These are even more prevalent as the world becomes more digital and more connected. Whether people are collaborating with others in the next room, or across the globe, they can now work and play together seamlessly. However, this level of collaboration does yet not exist within the security teams that protect our online world. Throughout my career I have found that security teams are siloed and rarely communicate with their peers or the wider workforce. If we are going to stay ahead of the threat landscape, it is time for this to change.
As risk increases, collaboration becomes more important
The cyber-security landscape is changing faster than ever, as hackers take advantage of new technologies and global events for nefarious means. The pandemic saw soaring numbers of cyber-attacks around the world. This was driven by digitalization which provided cyber criminals with new access points to the IT systems of businesses and government departments alike. We are now at a point where almost a third of UK businesses experience weekly breaches and this is only set to increase.
The reality is that cyber is an endless game; by the time we have bolstered our defences the enemy has already moved on to new attack vectors. This is why, in security, the lone ranger act will never work. Teamwork is the only way to pre-empt problems and keep pace with attacks. Sadly, cyber analysts are still not skilled in the art of collaboration and teamwork. But to make headway against cyber-villains, the good guys must band together.
THe importance of communication in cyber
Sharing information is a critical part of creating an effective global cyber community. Cyber team members should be communicating not only among themselves, but also with the wider company. Actively sharing challenges and solutions reduces repetition, improves productivity, and simplifies operations. Collaboration also means team members feel less pressured, there is a noticeable reduction in burnout and time to think proactively about security strategy.
At times, information sharing needs to stretch beyond the organization and include collaboration with other companies, regulators, and even government organizations. When it comes to areas such as national security or protecting critical infrastructure, shared problem-solving can make our online and offline lives safer.
Thankfully, governmental organizations across the globe are beginning to recognize the importance of collaboration in cyber. For example, in its new cyber strategy, the UK Government highlighted collaboration are a core pillar for strengthening the country’s cyber security. But the introduction of a more collaboration-centric mentality into cyber has long been held back by a lack of educational tools. Until now.
Developing the solution
Communication can’t be picked up overnight or learned out of a book. The only way to truly break people out of their silos is through applied group learning.
One such technique is Integr8. Grounded in over 56,000 hours of research, Integr8 takes a human-centred approach to teaching communication skills to cybersecurity teams and multi-team systems. Its in-depth, applied learning programme gamifies challenges, making the learning process enjoyable and accessible. The course removes the teams from the technology they work with, and challenges them to find ways to adapt and solve problems. It aims to help participants replace judgement with curiosity and move them to instinctively use collaboration to problem solve through a communicative, collective growth mindset.
Integr8 participants tackle a set of eight workshops split up over the course of several weeks. Each one focuses on different skills – reaching consensus, collective information gathering, multi-team strategic development – in a bid to teach methods and the importance of collaboration. The workshops encourage cyber teams to put their learnings into practice and providing real tools like team charters, goal hierarchies, and conflict resolution guidelines.
The training has also been proven to promote diversification in cyber teams. In particular, it has shown that it helps build confidence for women, which in turn helps address the gender imbalance that technology faces.
While the training is only in its early stages, Integr8 has already proved its efficacy and is already being used by governments in Europe and the Cybersecurity & Infrastructure Agency (CISA) in the United States.
Digital technology continues to revolutionize everything from healthcare to construction and telecoms. But as security professionals, we do not have the luxury of simply being able to enjoy these advances, we must also be mindful of the risks they bring. We are entrusted with the responsibility of ensuring they arrive safely and securely, and we should use every tool available to do so – the most important being collaboration.
