Those of us in the security space are well aware of the changing marketplace. We’ve seen evolving and advancing threats, more hyper-connected business environments, increased regulations, and new technologies being adopted as a result. With this new landscape, how do businesses keep up and ensure their high-risk assets are protected?
I wanted to call special attention to the latest report from the Security for Business Innovation (SBIC), which was compiled based on thought leadership from 18 security leaders among the largest global enterprises. In this new report, the SBIC discusses what it takes to develop a progressive security program amidst the new forces at play. Security functions, more than ever, need to be embedded within business processes in order to truly manage and mitigate risk. However, many of the advanced technical and business-centric skills needed for security teams to fulfill their expanded responsibilities are in short supply. This is where RSA’s valued Partners can and should play a critical role in helping cultivate this talent, as evidenced in the seven key steps recommended by the SBIC to build a well-positioned security team:
- Redefine and Strengthen Core Competencies – Focus the core team on increasing proficiencies in four main areas: cyber risk intelligence and security data analytics, security data management, risk consultancy, and controls design and assurance.
- Delegate Routine Operations – Allocate repeatable, well-established security processes to IT, business units, and/or external service providers.
- Borrow or Rent Experts – For particular specializations, augment the core team with experts from within and outside of the organization.
- Lead Risk Owners in Risk Management – Partner with the business in managing cyber security risks and coordinate a consistent approach.
- Hire Process Optimization Specialists – Have people on the team with experience and certifications in quality, project or program management, process optimization, and service delivery.
- Build Key Relationships – Develop trust and influence with key players such as executives, middle management, and outsourced service providers.
- Think Out-of-the-Box for Future Talent – Given the lack of readily available expertise, developing talent is the only true long-term solution for most organizations. Valuable backgrounds can include software development, business analysis, financial management, military intelligence, law, data privacy, data science, and complex statistical analysis.
We have the unique opportunity as a Channel organization to become the trusted advisors of enterprises worldwide in guiding them through these seven critical steps. As organizations continue to require more advanced security measures, their people and business priorities are simultaneously shifting. In order to scale out these best practices, we need our Channel Partners to actively engage in these opportunities. We need to jointly sell and position this new wave of thought around security and technology; otherwise, many of the largest corporations who lack the skills to do it on their own will fall behind. This, I can’t emphasize enough, is why the Channel matters.