
How to build a resilient security team that can face down a cyber crisis 


Bec McKeown at Immersive Labs discusses the psychology of building a resilient cyber security team 

 

Whether it’s our individual ability to cope with stress or a business’s capacity to operate in a crisis, “resilience” dominates corporate conversations. But what exactly is resilience, and what does it mean in practical terms?

 

The word is officially defined as “the capacity to recover quickly from difficulties; toughness.” What this means in real terms depends on the context.

 

In cyber security, to be resilient is generally accepted to mean an organisation is ready to detect, defend, and respond to cyber threats, including new and unknown forms. 

 

Like most aspects of security, resilience is seen through a technical lens. But the human element is just as important – after all, if your people aren’t resilient, how can your system be?

 

The importance of developing resilient security teams 

Discussion around the impact of cyber attacks tends to be highly focused on material damage. Loss of earnings from operational downtime, reputational damage, financial fines, and legal action are all easily tracked and quantified. But cyber attacks also take a psychological toll.

 

A major incident can damage employees’ morale and confidence, especially among the IT and security personnel responsible for mitigating and responding to threats. This psychological damage can impact the team’s capability to deal with future crises, reducing the firm’s overall cyber resilience and increasing risk exposure.

 

The greater the team’s resilience, the more likely they are to be able to weather the storm of a cyber incident and come through undaunted to perform at their full potential.

 

So how can enterprises start boosting resilience? 

Resilience is often thought of as an inherent personality trait – either you have it or you don’t. But while some people might be naturally inclined towards it, resilience is a skill anyone can learn and improve through experience and practice. 

 

Cyber security teams can build this experience by completing exercises replicating a genuine security crisis. These simulations must reflect the kinds of complex, fast-paced scenarios that are likely to come their way in real life, such as a significant ransomware attack locking down critical systems.

 

This gives security personnel a chance to gain experience and hone their ability to respond when the pressure is on – without risking the company’s fate if they fail. When an actual attack occurs, they will have learned crisis response routines to fall back on.

 

For team settings – such as cyber security – resilience can be improved at an individual and group level. Cyber security teams that work on their resilience together will strengthen their relationships and ability to work effectively as a unit, both in their daily duties and when a disaster looms.

 

The four pillars of a resilient security team 

A study by University of Manchester researchers identified four critical pillars for building resilience: confidence, adaptability, social support, and purposefulness. All four elements can and should be applied to cyber security teams.

 

Confidence. Personnel must be confident that they have the right skills, knowledge, and judgement for their role. Even if they have the proper training and tools at their disposal, they are less likely to make the right calls in a crisis without confidence. 

 

Adaptability. Similarly, individuals and teams both need to have a high level of adaptability. Cyber threats are constantly evolving, and a situation can escalate rapidly and move in unexpected directions.

 

Whether it’s a previously unseen zero-day vulnerability or ransomware running out of control, security professionals need to be equipped with agile thinking skills to respond effectively. Building experience will enable teams to think back to previous decisions and apply these insights to the current situation.

 

Social support. A strong level of social support is critical for building confidence and adaptability. Teams must be given the opportunity to build skills, trust and working relationships outside of the pressure-cooker environment of an active security event. Challenging conversations about issues and failings should be saved for calm moments and presented in a constructive way that focuses on improvement. Consciously developing a wider pool of knowledge, skills and judgement will also help to boost resilience, providing a more diverse and well-rounded ability to deal with a problem. 

 

Purposefulness. Finally, all this needs to be surrounded by a feeling of purposefulness. Security teams need to feel that they are continually improving and expanding their skills to help safeguard the organisation. All training and development efforts should tangibly relate to this purpose.

 

Putting resilience into practice   

Resilience isn’t just a buzzword. It’s a real, practical asset that can be purposefully developed. Improved resilience can make all the difference in averting disaster when disaster rears its head. 

 

Studies from the University of Manchester found that resilience-building training can deliver benefits, including improved well-being and increased confidence to cope with stressful events – exactly what you want in a security team facing a cyber crisis.

 

Making meaningful improvements to resilience means framing it in a set process, just like the development of any other skill. This starts with conducting regular exercises to provide cyber teams with experience in dealing with complex and fast-paced security situations. The evidence from these simulations must be collected and analysed to determine knowledge and skill gaps. Finally, this data can be used to focus future development efforts and equip teams with the skills they need to improve their abilities.

 

By continuously assessing, building, and proving cyber capabilities, teams and individuals can make marked and measurable improvements to their ability to face down a cyber crisis, no matter how big the stakes.

 


 

Bec McKeown is Director of Human Sciences at Immersive Labs

 


© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543