
Key Points

  • Cross-functional teams are a must for breaking down silos in your cybersecurity practices.
  • Make use of iteration and adaptation to create a proactive, responsive security team.
  • Agile practices help to promote a culture of continuous improvement that puts security first.

Agile and cybersecurity go together like chocolate and peanut butter.

Traditionally, cybersecurity practices are largely reactive, siloed off from the rest of the company.

Now, as we’ve seen with recent data breaches and incidents over the last decade, this isn’t the best way of handling things.

In reality, the ideal of a cybersecurity team is proactive, iterative, and integrated within the organization.

So, how do you achieve this with Agile? You’re in luck, because we’re taking a closer look at some practical strategies to get your business’s cybersecurity practices back on track.

Fostering the Right Culture


Silos

Cybersecurity generally operates in a siloed manner, with security teams acting as gatekeepers of sorts when reviewing infrastructure or code in software development. The biggest thing you can do when incorporating Agile into your cybersecurity practices is to break down those silos.

Cross-functional teams, where operations and security professionals work together, promote a culture of security. They also spread the responsibility for security: it no longer rests solely on the shoulders of your security team, but is carried by the entire organization.

Visibility and Communications

Agile is huge on communication, and that’s something you’ll want to get used to early on. The use of daily stand-up meetings and reviews provides an open forum for feedback and communication. When making use of cross-functional teams, you’re allowing security professionals to share their expertise and discuss emerging threats. Aside from that, you’re also opening your organization to give feedback on how to better integrate security techniques into daily operations.

It’s a net benefit for everyone involved and only serves to enhance your overall security posture when you get in the swing of things.

Iteration and Adaptation

Agile is built upon iteration, at least when considering its origins in software development. This natural predilection toward iteration is going to be instrumental in bolstering your security posture. Consider security assessments for a moment. Typically, you conduct these large, sweeping assessments. Instead, if you took an iterative approach, you’d have a more comprehensive view of your overall security posture.

Ongoing assessments can help to identify risks and threats as they emerge, with teams acting proactively instead of reacting to remediate incidents as they arise.

Respond to Change

One of the core tenets behind the Agile way of doing things is adaptation and responsiveness. In cybersecurity, this presents itself as being able to rapidly pivot and put appropriate measures in place when new threats appear.

If you’re lagging with deploying things like security patches and hotfixes, then being able to respond more quickly is going to make sure these are addressed in short order. Compared to the more structured, rigid way of doing things, incorporating Agile practices like sprints means that those tasks are getting handled in no time at all.

Incremental Improvements

Cybersecurity can seem like a daunting, monolithic practice. When I went through my schooling years back, it was expected that you’d incorporate the right measures all at once. Time and perspective have shown us that this is a fool’s errand. There is always a shortcoming to adapt to, whether it’s budgetary concerns, time, or having to drop everything to respond to an incident.

What if you didn’t have to stick with the old way of doing things? Using something like sprints, once again, means that you’re adding improvements at a quicker, manageable pace. This allows your team to focus on high-priority items first, with each short iteration resulting in hardened assets and better overall practices.

Agile Practices


I’ve touched on the use of sprints a few times, and they should be absolutely critical to integrate into your daily operations going forward. However, there are quite a few other Agile practices that you’ll want to consider as you build your cybersecurity initiatives around the approach.

Scrum

A framework like Scrum provides an effective means of delivering security measures. Daily Scrum meetings and the use of servant leadership can provide a guiding hand that helps promote a security-first approach to product development, services, and even basic tasks like creating new baselines.

Automation

It goes without saying, but you should be automating the more tedious tasks. Security has no shortage of tedium, whether it’s organizing and categorizing security tickets, reviewing anomalous events in logs, or scanning for vulnerabilities. Handling this is a matter of simple scripting, and something that even someone with a passing knowledge of Bash or PowerShell can readily address. This leaves your team to handle more complex issues, rather than worrying about busywork.
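As an added illustration of the log-review scripting mentioned above (this is not code from the article): a Bash function that counts failed SSH password attempts per source address. The function names are hypothetical, the log lines are constructed sample data, and the OpenSSH "Failed password for ... from IP port N ssh2" line format is assumed.

```shell
#!/usr/bin/env bash
# Added example: triage failed SSH logins per source address.
# Every log line below is constructed sample data (documentation IP ranges).

sample_auth_log() {
cat <<'EOF'
Mar  3 09:14:01 web01 sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Mar  3 09:14:03 web01 sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 50124 ssh2
Mar  3 09:14:05 web01 sshd[2103]: Failed password for root from 203.0.113.7 port 50130 ssh2
Mar  3 09:14:07 web01 sshd[2105]: Failed password for invalid user x from 10.0.0.5 port 22 ssh2 from 203.0.113.7 port 50140 ssh2
Mar  3 09:15:40 web01 sshd[2110]: Accepted publickey for deploy from 198.51.100.20 port 40022 ssh2
Mar  3 09:16:02 web01 sshd[2114]: Failed password for alice from 198.51.100.20 port 40031 ssh2
Mar  3 09:17:11 web01 sshd[2120]: Failed password for invalid user test from 192.0.2.55 port 33810 ssh2
Mar  3 09:17:13 web01 sshd[2120]: Failed password for invalid user oracle from 192.0.2.55 port 33812 ssh2
EOF
}

# Usage: flag_failed_logins [threshold] < auth.log
# Prints "count ip" for each source with at least <threshold> failures,
# busiest source first.
#
# The user name in these lines is supplied by the remote client and may
# contain spaces, so the address is read by position from the END of the
# line ("from IP port N ssh2"), never from the first "from" on the line.
flag_failed_logins() {
  threshold="${1:-3}"
  awk -v min="$threshold" '
    /sshd\[[0-9]+\]: Failed password for / &&
    $(NF-4) == "from" && $(NF-2) == "port" {
      fails[$(NF-3)]++
    }
    END {
      for (ip in fails)
        if (fails[ip] >= min) print fails[ip], ip
    }
  ' | sort -k1,1nr -k2,2
}

# Stand-alone run against the constructed sample: prints "4 203.0.113.7".
sample_auth_log | flag_failed_logins 3
```

The fourth sample line carries a user name crafted to look like a second source address; reading the fields from the end of the line attributes it to the real peer, 203.0.113.7.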

Retrospectives

Security posture is rarely bolstered by teams that are unwilling to learn from previous incidents. Retrospectives are one Agile practice that allows teams to review what went well and what could be improved. Beyond promoting a culture of security, you want to build a culture centered around continuous learning and improvement. Cybersecurity is constantly evolving, and staying stagnant will result in failure.

Other Useful Tools and Concepts

Ready to keep going? You might want to take a look at how making incremental changes can impact your team’s ability to respond to incidents. Smaller, gradual changes are far more effective than grand, sweeping actions.

Additionally, you might want to consider how you can get problems under control through the use of daily Kaizen. Kaizen is one of the key principles behind Lean, and is something any organization could benefit from using.

Conclusion

Agile is a fantastic complement to cybersecurity practices. When considering the evolving threats to your security posture, taking an iterative, proactive approach is going to yield far better results than reacting and trying to get control of the chaos.
