No One Is a Cyber Expert: Why Info Sharing is Critical

With the number of incidents on the rise every year, there’s little doubt as to why companies are fortifying themselves with cyber talent. Cybersecurity was identified as one of the top projected growth occupations for 2023 in CompTIA’s State of the Tech Workforce report. Need was projected to grow 5.2% this year alone. In 2023, research predicted an estimated 815,000 jobs for cybersecurity professionals. The numbers are steady and strong.

But there’s a cautionary tale to be told when it comes to cybersecurity. Regardless of how good you are at your job, and there are plenty of great cyber pros out there, no one is a cyber expert. In fact, Lao Tzu, the founder of Taoism, is famously quoted as having said, “the wise man is one who, knows, what he does not know.” With the threat landscape being what it is, no cyber professional can be expected to have knowledge of all threats, making it impossible to be an expert. And that is why sharing information is critical for managing modern cyber incidents.

The Profile of a Good Cybersecurity Pro

Good cybersecurity people don’t need to strive for perfection. There will inevitably be new and challenging incidents to manage. Although having technical aptitude and a good understanding of threats and regulations are great, that can all be learned—but it isn’t enough. Here are some essential traits to look for when hiring good cybersecurity staff.

Problem-Solving Skills

Threats are problems and they don’t always manifest themselves in the same ways. Any good cybersecurity pro will have great problem-solving skills and a calm approach to managing issues that arise. These are going to be your most effective cyber pros.

Collaborative Mindset

Great cyber people don’t set out to be heroes. Most issues will require input from multiple stakeholders to ensure damage can be contained and managed efficiently. Your most effective people will understand how to work together to resolve issues quickly and competently.

Attention to Detail

Sometimes, the devil is in the details. A good cyber pro will pay attention to all the small things that could be impacted by an incident. They’ll work to make sure all elements are managed and appropriately adjusted to minimize the potential of future issues.

Adaptability

Managing cyber incidents almost always requires thinking on your feet. Your adaptable team members are going to be some of the best for cybersecurity work because they can adjust to new threats quickly and develop creative solutions on the fly.

Why Info Sharing is Critical

No single MSP or cyber pro is equipped to deal with every threat and no organization can have a plan in place for all incidents. It’s simply not possible. Cybersecurity threats are constantly evolving and becoming more sophisticated and complex. If we hope to combat these threats, our understanding and action plans must evolve as well. Taking a collaborative mindset towards mitigation is the only way organizations can hope to manage modern threats.

What You Should Document for Sharing

It’s important to understand why type of information you should be sharing with others. Ask yourself what would have been beneficial to know ahead of time when a certain type of attack was coming.

Here are some things to think about:

• Type of attack: Detail your knowledge of the actual attack. Did it result from human error, such as password hacking, or was it malware?
• Timing details: You’ll want to note when the attack took place and detail time to resolution.
• Systems impacted: Outline which systems were impacted and any potential infrastructure or applications that could have been impacted during resolution.
• Critical participants: Define which roles were most valuable in helping to resolve the incident.
• Action plan: Describe what steps were taken to mitigate and resolve the incident.
• Postmortem documentation: Discuss any steps that could have been taken to mitigate the attack prior to occurrence or any suggestions for managing the threat more efficiently.

Resources for Sharing Information About Cyber Incidents

There are organizations dedicated to bringing cyber pros together with the primary goal of helping to share information. These resources are essential to helping spread the word and support collaboration among professionals.

The following are good resources:

• CompTIA Information Sharing and Analysis Organization (ISAO)
• Cybersecurity & Infrastructure Security Agency’s Automated Indicator Sharing
• H-ISAC
• National Council of ISACs
• The Cyber Threat Alliance
• Cloud Security Alliance
  

Raise Your Cyber Awareness

Learn more about the CompTIA Cybersecurity Trustmark and
the CompTIA Information Sharing and Analysis Organization (ISAO).