Threat Intelligence
Sharing Threat Intelligence (indicators, observables, etc.) with external parties has become important for Security Operations to enhance their Threat Awareness. Such information sharing should follow formal procedures. Beginning with clear objectives and well established guidelines and constraints, such as bi-lateral confidentiality/non-disclosure agreements. And adhering to relevant industry standards (STIX, TAXII, CybOX, etc.).
Security Awareness
Acknowledging that internal staff often present a major source of vulnerability for any organization; a visible, on-going Security Awareness campaign should be a core part of your Security Operations strategy. Including practical, but frequent (i.e., quarterly), mandatory training for all staff on current events and trends. Emphasizing the potential consequences to the business should threats successfully exploit their vulnerability.
Business Line Risk
Communicating with non-technical leadership, such as Business Line Managers, about cyber security topics is often challenging. They typically have little-to-no interest in hearing about Threats or Vulnerabilities. Instead, their primary interest is in actual Consequences to their part of the business. To be effective, your Communications Strategy needs to speak in terms of Business/Mission Impact.
Risk Posture
Executive Leadership, including boards of directors, often regard cyber security strictly in terms of Risk Mitigation and associated cost. Similar to an insurance policy. While they may have interest in specific Threat Actors (e.g., competitors), their primary concerns are with Consequences, the Cost to avoid them, and a concrete understanding of Acceptable Risk. All your communications with executive leadership should be framed along these 3 dimensions.
Effective SecOps Communications
Our Cybersecurity Communications services will help you craft a comprehensive, impactful Communications Strategy for your SecOps organization.
Leverage our team's decades of combined experience working across large cybersecurity communities and in the world's largest Security Operations Centers.