The collective game in cybersecurity is an absolute emergency

It is now well understood that cooperation with the cybersecurity world ecosystem has become essential to better fight cyberattacks. However, there is another less talk about the type of cooperation necessary to ensure cybersecurity: cooperation between the various functions of a company.

Written by Pascal Antonini, Cyber ​​Security Partner, TNP Consultants

A cybersecurity manager or CISO is generally identified as the major player in cybersecurity. However, he cannot act alone and must mobilize the business lines, IT department, general administration and work with the departments of risk authorization, internal audit, compliance and data protection. In particular, its role is to design and implement an operational safety management and pilot system, and to coordinate internal and external actors.

Companies, initiators of digital transformation projects, must take greater ownership of cybersecurity. They are the people who can identify threats to their activity and incorporate these concerns as early as possible into their projects in close collaboration with the Director of Cyber ​​Security. These projects are also an opportunity to imagine new services based on security technologies.

The Digital Division, or CIO, is responsible for providing businesses with infrastructure and platforms with an appropriate level of security. Collaboration with the Director of Cyber ​​Security is aimed at ensuring the effectiveness of protection systems, but also of detection and interaction with security incidents carried out within the Security Operations Center (SOC). The IT department is also key to implementing all cyber security tools and solutions.

Public administration should be involved in ensuring the strategic management of cyber security in a context where cyber security risks have become one of the two major risks for organizations. It is supported by the Risk, Internal Audit and Compliance departments.

The most recent incidents related to cybersecurity show that this organization and this “collective game” between different actors is not always well integrated.
Cesin Cybersecurity Barometer for January 2021 (Wave 6) tells us that “shadow IT (implementation/use of unapproved applications)” appears to be the leading cause of security incidents (44%) versus having “permanent vulnerabilities remaining” (36%).

As for shadow IT related incidents, the companies behind implementing these non-certified solutions did not fully understand the risks involved and the importance of expert security assessment of these solutions.

In the case of “permanent vulnerabilities remaining”, the teams responsible for the infrastructures were unable to deploy a satisfactory vulnerability management process; The reasons can be multiple, lack of budget, insufficient awareness, lack of clarity in security policies…

It is very likely that companies that have experienced these cybersecurity incidents have cybersecurity hardware and resources. However, the participation or insufficient mobilization of some actors weakens these systems to such a degree that they sometimes become ineffective. Empowering everyone is no longer an option and should be the focus of all public administrations. They are not always adequately informed of this necessity; They may consider these cyber security topics to be technical topics only and implemented by the IT department and CISO by implementing custom security techniques.

Beyond that, beyond technology, success in cybersecurity also depends on governance, operations and, above all, on women and men united by a common collective vision.