Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Seven Ways to Ensure Successful Cross-Team Security Initiatives

Many organizations have one or more strategic initiatives that involve a large amount of coordination and cooperation across functions and teams. In my experience, these cross-team initiatives are often the most challenging ones, while simultaneously being the most rewarding.  There are a number of reasons why this is the case, though I’d like to take a look at a different angle in this piece.

Many organizations have one or more strategic initiatives that involve a large amount of coordination and cooperation across functions and teams. In my experience, these cross-team initiatives are often the most challenging ones, while simultaneously being the most rewarding.  There are a number of reasons why this is the case, though I’d like to take a look at a different angle in this piece.

Around this topic, there is one question I’ve asked myself recently: What makes a strategic cross-team initiative successful?

After making some observations and doing some thinking, I believe that I have identified several important factors. While there are surely others, here are seven ways to ensure successful cross-team security initiatives:

1. Executive support: Perhaps it seems obvious, though cross-team initiatives require executive support for them to succeed. The reason for this is often very straightforward. Each team has its own priorities, goals, objectives, targets, and other criteria by which its success is measured. No matter how much a given team wants a cross-team effort to succeed, practically speaking, that team cannot change its own success criteria. Thus, if supporting a cross-team effort comes at the expense of other important intra-team efforts, it will reflect poorly on the team, even though it is what is best for the organization overall. Executive support is required to break this cycle and guide the organization in the direction that is best for it.

2. Clear priorities: In addition to executive support behind cross-team efforts, executives need to set clear priorities both for the initiative and across the organization as a whole. That is the only way that different teams will understand the expectations for the effort they are participating in, as well as where it fits within the organization’s broader strategy. These priorities will be an important input into the decision making process as the initiative moves forward.

3. Responsible party: One of the toughest parts of cross-team efforts is responsible and timely decision making. One reason this happens is because it is not clear to those contributing to the effort who is in charge, and thus, who is responsible for the outcomes of the project. What often ends up happening is that stakeholders and other participants share their views, offer guidance, caution against certain negative outcomes, and discuss various different possibilities. Yet, at some point, in order for progress to be made, decisions need to be made. Making these decisions as a group is clumsy, awkward, and slow.  Only by appointing a responsible party who solicits input, encourages discussion, builds consensus, and subsequently makes responsible and timely decisions can these strategic efforts move forward.

4. Adequate resources: Support, priorities, and a point-person are a great start, though a successful cross-team initiative requires that adequate resources be assigned to it. Although this seems intuitive, many organizations struggle with this step. Teams are generally used to prioritizing and resourcing intra-team efforts. When it comes to cross-team efforts, it is not always so obvious which resources should be pulled from what teams and in what numbers. This is a difficult situation that often arises, and it is one that requires that executives and the responsible party guide teams to allocate these resources in accordance with priorities and budget.

5. Trust: It is an unfortunate reality of larger organizations that there sometimes exists mistrust or distrust between different parts of the organization.  Since cross-team trust is fundamental to teams working collaboratively together, lack of trust severely impedes progress in cross-team efforts. Executives and the responsible party need to work to build trust across stakeholders and participants. This is most easily accomplished by being competent, fair, open, transparent, and well, trustworthy. When bridges are built, teams can work together more effectively and efficiently. This, in turn, will help accomplish the goals of the cross-team initiative.

Advertisement. Scroll to continue reading.

6. Attainable milestones: Cross-team efforts are similar to intra-team efforts in that they need to be broken down into smaller, attainable milestones. Progress against each of these milestones can be measured and tracked, and if the effort begins to stray off-course, that can be identified early on in the process and remedied. When milestones are too grand or too difficult to attain, even the most well-intentioned cross-team initiatives can go south.

7. Regular touchpoints: Effective communication is key to a successful cross-team effort. One way to accomplish this is to establish regular touchpoints on a recurring basis where priorities are communicated, input and feedback is solicited, confidence and consensus are built, and status reports are provided. With the right group of stakeholders, these regular touchpoints can turn into a vital resource for the cross-team effort.

Most organizations understand the value and necessity of strategic cross-team initiatives. Even so, many organizations struggle with these efforts. While there are likely many approaches to successfully accomplishing cross-team initiatives, I have found the seven points above helpful when working to push these efforts across the finish line.

Written By

Joshua Goldfarb (Twitter: @ananalytical) is currently Field CISO at F5. Previously, Josh served as VP, CTO - Emerging Technologies at FireEye and as Chief Security Officer for nPulse Technologies until its acquisition by FireEye. Prior to joining nPulse, Josh worked as an independent consultant, applying his analytical methodology to help enterprises build and enhance their network traffic analysis, security operations, and incident response capabilities to improve their information security postures. He has consulted and advised numerous clients in both the public and private sectors at strategic and tactical levels. Earlier in his career, Josh served as the Chief of Analysis for the United States Computer Emergency Readiness Team (US-CERT) where he built from the ground up and subsequently ran the network, endpoint, and malware analysis/forensics capabilities for US-CERT.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.