The Security World Has a CTO Problem – But Not Like You Think

Cybersecurity is not just a concern but a critical necessity for government...

I was asked recently by a software developer, "How will documentation prevent your ransomware? I had one of these exercises once; it was a waste of time, nobody knew what they were talking about."

Let me tell you.

The Importance of Experience

The first part we have to look at is the last part of the offending sentence: "nobody knew what they were talking about." Cybersecurity is not something that is “fake it until you make it” – it requires experience and knowledge, both of which are typically hard-fought and won in the trenches of the real world. Theoretical knowledge is always a factor but will never replace the pragmatic and focused experience of someone who has “been there, done that” during real outbreak/attack scenarios. For the purposes of this article, we’ll assume an 18-year career in cybersecurity sufficiently qualifies me to weigh in here.

The Role of Documentation

Now on to the (sometimes not) fun part – the documentation. A properly documented security plan/strategy will include many different layers, protocols, procedures, etc. It should be created by individuals or a vendor that has quantifiable experience in the industry and understands the nuances of cybersecurity.

Nuance matters.

The documentation will serve as a lighthouse to the internal team(s) and department(s). We won’t be going over an exhaustive list of documentation, but we’ll certainly be hitting the highlights.

Policies

First up are policies. Well-defined policies that are actually enforced and don’t just collect dust on a page somewhere are incredibly powerful. Policies help define what needs to be done to stay safe and manage risk. For instance, it’s common to have a policy that defines how the company environment will be monitored for threats and who is responsible for that task.