Security teams, IT operations, and business teams have different, but important, roles in the detection and mitigation of external risk. Security teams identify gaps, IT operations operationalizes the solution, and business teams provide feedback on impact and asset inventories.
Solving meaningful external risk challenges requires the right information at the right time in the hands of the right people. When one group meets its SLAs, trust is established with the other teams. This in turn encourages imitation. In effect, success breeds success.
Improving collaboration between teams is important
Employees agree. A 2023 report by Forrester Consulting, commissioned by CyCognito, found over three-quarters (81%) of respondents say improving collaboration between teams is important to improving risk identification and prioritization workflows. The report explored perceptions of external risk management from 304 security and IT operations decision-makers at North American and European enterprises.
The result? Knowledge sharing and solution orchestration at most organizations are difficult. (Too) many tools, relationships that skew negative, and prioritization challenges lead to long delays – leaving teams at times feeling like they are rowing against a heavy current.
Thankfully there is a path forward. Let’s first explore some of the observations found in the report.
More negative relationships than positive
It is safe to say that removing roadblocks between cross-functional teams is a top priority for leadership. It’s not always easy. Despite an understanding that positive relationships improve quality of work, most respondents report more negative relationships than positive. Nearly 40% say all three are negative.
Bringing people together to provide input on priorities is critical, yet just 22% of respondents’ organizations report a cross-functional team assigning priorities for remediation.
Synchronized teams create a force-multiplying, 1 + 1 = 3 scenario. Lack of synergy just adds to the challenges for an organization focused on lowering external risk.
Too many tools and the challenges of prioritization
Many organizations rely on multiple tools for risk management, and some on considerably more: in the study, almost 40% of respondents report using more than 10 tools.
It doesn’t appear to be working well – over three-quarters (76%) of respondents reported that using one tool across teams is important to improving risk identification and prioritization workflows.
Disparate tools lead to unnecessary work and communication challenges. They encourage friction between cross-functional teams because the different systems are likely to come to separate conclusions or lack critical information. A trusted, single source of external risk intelligence is key to efficiency.
Acknowledging the challenge is the first step
Interestingly, almost all respondents in this study (88%) reported being highly confident in their organization’s visibility into external assets, but more than half (53%) reported finding significant amounts of unmanaged assets the last time they scanned. One interpretation of this inconsistency is that leaders are not fully grasping the correlation between team activities and impact on risk.
Several pieces of feedback from our customers can act as a grounding point for those still searching for an answer:
- Successful external attack surface management involves coordination between multiple groups in an organization
- Common tools between cross-functional teams reduce friction/delay
- Access to issue evidence improves communication and reduces time to remediation
An external risk management program that has only the “what” and not the “why” makes it hard to interpret priority, makes cross-team approvals more difficult and slows down remediation efforts.
IT security, operations, and business teams need a single tool to build an external asset inventory and inform on external risk. They need accurate asset context and easy access to evidence to share decisions. Issue-specific remediation instructions empower operations to work efficiently while reducing tedious manual effort.
Looking for more? A recent blog, Three Actions to Reduce External Risk, also provides recommendations.
Reduce your external risk and streamline communications with CyCognito
CyCognito solves a fundamental difficulty in cybersecurity: how to safely and effectively test your external attack surface at scale. CyCognito discovers and tests an organization’s internet-exposed assets, identifies gaps attackers can leverage and provides instructions to close those gaps efficiently.
Scalable, continuous, and comprehensive security testing across your full inventory of external assets – only from CyCognito.
~~~
This Forrester report “Teamwork Shines a Light on Hidden External Risk” involved 304 IT security, operations and business leaders of Fortune 500 companies in charge of managing external risk. Download and read more on CyCognito.com. If you have questions about CyCognito’s offering, or would like a demo, please contact us at [email protected].