Mind the Tech Gap: Addressing the Conflicts between IT and Security Teams

Nikki Robinson

2022年10月 · CRC Press

电子书

214

页

符合条件

关于此电子书

IT and cybersecurity teams have had a long-standing battle between functionality and security. But why? To understand where the problem lies, this book will explore the different job functions, goals, relationships, and other factors that may impact how IT and cybersecurity teams interact. With different levels of budget, competing goals, and a history of lack of communication, there is a lot of work to do to bring these teams together. Empathy and emotional intelligence are common phenomena discussed in leadership books, so why not at the practitioner level? Technical teams are constantly juggling projects, engineering tasks, risk management activities, security configurations, remediating audit findings, and the list goes on. Understanding how psychology and human factors engineering practices can improve both IT and cybersecurity teams can positively impact those relationships, as well as strengthen both functionality and security. There is no reason to have these teams at odds or competing for their own team’s mission; align the missions, and align the teams. The goal is to identify the problems in your own team or organization and apply the principles within to improve how teams communicate, collaborate, and compromise. Each organization will have its own unique challenges but following the question guide will help to identify other technical gaps horizontally or vertically.

作者简介

Nikki Robinson earned a DSc in Cybersecurity, several industry certifications including CISSP, and is a Security Architect by day, and an Adjunct Professor at night. She had more than 10 years of experience in IT operations before moving into the security field about 3 years ago. She studied vulnerability chaining concepts and completed her PhD in Human Factors to combine psychological and technical aspects to improve security programs. She has a passion for teaching and mentoring others on risk management, network defense strategies, and DFIR. She is currently a Security Architect and has technical experience in continuous monitoring, risk management, digital forensics, and incident response. She has spoken at several conferences on a variety of topics from human factors security engineering, malicious website graphing, and DevSecOps.