How to turn your IT team into a security team
Introduction: IT teams vs. security teams
Building a strong security team should be a priority for all organizations today. This includes companies that already have a good IT team on board made of experienced systems managers and information systems engineers.
Although the two teams are often intertwined, the scope of work is different. IT teams manage and plan networks, hardware, data storage and processing as well as developing strategies to meet the needs of management with an eye at the assigned budget. Security teams focus on the protection of the organization information system infrastructure, the resiliency to internal or external threats and the defense of the confidentiality, integrity and availability of the greatest asset: data.
What should you learn next?
As we can see, the roles are different. While IT personnel have the skills and knowledge to build the system infrastructure in order to manage, store and transmit data, the security team is tasked with ensuring the safety of the substructure by creating the conditions to safeguard information. This includes not only technical solutions and vulnerability monitoring but also programs designed to target what is considered one of the greatest vulnerabilities in the cybersecurity chain: the user.
Security professionals, in their effort to mitigate risks for the organization, are also asked to foster a culture of cyber awareness to increase the responsiveness of staff.
Building a security team
Can IT and security professionals coincide? In a smaller organization, possibly. It is also possible to outsource the task to professional companies external to the organization.
But when building an internal team, especially in medium or large organizations, what can management consider? The task is to create a group that is focused on the discovery of threats and the understanding of possible vulnerabilities, and which is able to help staff become cyber-savvy. This cannot be the job of systems administrators or architects, who are already tasked with managing the infrastructure and do not necessarily have the specific knowledge to tackle cybersecurity.
However, finding the right talent in the IT group ready to move into security roles is definitely possible and a great opportunity for most companies.
According to ISACA’s State of Cybersecurity 2020 research, 62% of surveyed professionals stated their company’s cybersecurity team is understaffed and 57% actually have unfilled positions on their team. Training personnel from within can be a winning move, as long as no shortcuts are taken and the right training and knowledge is acquired prior to being entrusted in a safeguarding role.
Why is it a good idea to staff security teams with IT team personnel?
There are a number of reasons why a company should first look within its available staff.
First of all, these professionals might already be the right talents for the job. Managers can survey interest in the newly-created group as well as canvass the background and interests of employees to see if anyone has already the proper knowledge.
While combing the staff for possible options, it is important for the company to conduct a skills gap analysis. This undertaking can get insight into the IT teams’ current capabilities in terms of security and identify the best options for cyber-related training. An accurate skills assessment provides visibility of the deficiencies in the team at both an individual and group level. What’s more, this could verify which members are more fit for specific tasks or roles that might match their experience.
Turning part of the IT team into a security team has also the benefit of including professionals that are already part of the workforce which have already proved their IT competence, their worth and support to the organization’s goals. A number of transferable skills and knowledge can make this option a winning one, and security teams can be enriched by including professionals with a different background and a fresh perspective. In fact, these employees would already know the organization, its values and practices as well as understanding its vulnerabilities, capabilities and data to be protected.
Security personnel might not manage the company networks but do need an in-depth understanding of its setup and the many requirements the systems are asked to meet. For example, they would already know all the required software the company needs to operate and can better evaluate the possible vulnerabilities. This knowledge in current employees is invaluable. Security personnel may have already worked with and in the IT team, which puts them ahead of the game.
Collaboration skills are essential and these employees have probably already proved themselves able to work not only in a team but, to a great extent, for that particular ad hoc group. They may have already been exposed to discussing and presenting reports to management.
What’s more, they’ll also have the pulse of the staff computer literacy and their cyber readiness. This would be essential in being able to address possible issues and create awareness programs that better fit the staff needs and capabilities.
Of course, looking within onboarded players first is a great way to show appreciation to the current staff and possibly a way to offer professional development and promotion opportunities that build loyalty and boost morale. On-the-job training programs can further security education and coaching is a great way to increase security performance, but a comprehensive certification program can build on the IT knowledge the employees already have.
The IT team, in fact, probably already has related university degrees and possibly already general, comprehensive certifications to cover system administration competencies.
These skills can easily be augmented by creating a certification program that helps staff to achieve the security credentials needed for mid/advanced levels and that can help boost their competences. Certifications like the GIAC®️ Global Industry Cyber Security Professional (GICSP) and (ISC)² CISSP, for example, can be part of an efficient continuing education program.
Conclusion
With new threats emerging every day and cyberattacks on the rise, many organizations have opted to turn to members of their IT team to form a specialized security group able to lead the workplace and deploy the technologies available today to boost cybersecurity. Having a proper IT security team helps better manage risks, resolve vulnerabilities and reduce the time needed to detect issues and problems as they arise and decrease the time to recover from attacks.
Although outsourcing this function and hiring from the public are great options, investing in security education for members of the current IT team has many benefits and it is a viable option for many organizations.
What should you learn next?
Sources
- State of Cybersecurity 2020, ISACA
- Why Cybersecurity Awareness Is Important for Every Employee, BizLibrary
- How to conduct a skills gap analysis, Workable Technology Limited
Get unlimited and self-paced training for you or teams in your organization with Infosec Skills.
- 190+ role-guided learning paths
- 100s of hands-on labs & cyber ranges
- Custom certification practice exams
In this Series
- How to turn your IT team into a security team
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity