5 Steps for Staying On Track
Following are five things any CISO can begin to do right now to keep their teams focused on the most important priorities:
Step 1. Build a framework to evaluate and process new opportunities and challenges. The classic Eisenhower matrix is still valuable in helping to focus on critical opportunities and priorities and avoid being distracted.
Quadrant 1 (Do: Important and Urgent) is where urgent and important meet. These should be the top priority. However, if time is filled with important and urgent tasks, something has gone wrong. Quadrant 2 (Plan: Important but Not Urgent) is where C-suite executives should spend time planning and prioritizing so issues do not become urgent, but rather can be properly addressed with time and consensus. Quadrant 3 (Delegate: Urgent but Not Important) can be safely delegated. Quadrant 4 (Eliminate: Not Important and Not Urgent) should be discarded. Unfortunately, too many professionals get sidetracked by Quadrants 3 and 4, wasting valuable time for strategic planning and failing to address the critical issues that require our attention instead.
Step 2. Develop and promote good processes and procedures. It is far too easy to get sidetracked by time traps, especially in cybersecurity. In most cases, this is the result of failing to have a prioritization process that ensures that people and resources are focused on issues representing the greatest threat or greatest opportunity for the organization. For example, prioritizing vulnerabilities and exploits that impact essential systems requires three things: knowing what the top vulnerabilities and exploits are at any given moment, knowing which systems perform which tasks and prioritizing them, and finally knowing which of these systems are exposed to are the most vulnerable to the latest threats.
Step 3. A well-defined vision and strategic direction for your security team that is understood and shared by all team members are essential. This may sound obvious, but far too many security teams ignore this essential advice.
And this needs to extend beyond the security team. The board, executives, and security leadership should all share a common vision of business objectives, top priorities, and a commitment to defending the organization against the most concerning risks. That vision should be documented, communicated, and reviewed. Action plans need to be drawn up and war games executed against it. Everyone needs to understand their priorities, and they should execute their daily tasks with those priorities in mind. Further, they should know exactly what role they play in the event of a cyber incident.
Step 4. Convert broad goals to daily actions and priorities. It can be very difficult to stick to goals and priorities that only refer to high-level vision and strategy. Those ideas also need to be converted into operational and tactical objectives that can chart and maintain a daily course of activity.
Step 5. Prioritize efforts based on their impact to the organization. Security teams are stretched to the breaking point, and valuable human resources need to be focused on those activities that bring the most value to the organization. However, that can often leave things like reading log files or patching devices at the bottom of the list and even ignored. By strategically implementing automation, machine learning, and AI systems into the network, many of the more mundane tasks can be safely turned over to security devices and systems. Additionally, they are also far less likely to make mistakes due to tedious repetition and are far more likely to find that “needle in a haystack” through high-level correlation of data that a human analyst might easily overlook.
Staying On Track Keeps Everyone Safer
By combining prioritization, decision-making strategies, and advanced automation, organizations can stay on target when it comes to maintaining the security and integrity of your organization’s cyber resources. By heeding the five above recommendations, security leaders can improve their security postures while driving efficiencies across their organizations.