MS-ISAC® Members: The Most Valuable MS-ISAC Resource
In becoming an MS-ISAC member, the most valuable resource we receive is access to other MS-ISAC members. While there is unarguably a tremendous value in the cyber intelligence and analytics that the MS-ISAC provides, we are obtaining as much value from the intelligence, experience, and relationships the MS-ISAC enables us to build with other members.
As a local government, many of our cybersecurity struggles are basic: what is the most effective way to begin a particular activity? How do we do that with minimal resources? Having access to peers nationwide has improved our ability to be successful with our first-round efforts because we are leveraging the expertise and experience of other MS-ISAC members. Something that has been a pleasant surprise is our ability to return the favor; on some occasions, our experience has benefitted someone else!
Our organization’s security program is maturing. And while it is a slow process, I am certain it is happening much more rapidly as a result of our MS-ISAC membership and participation. We have made some mistakes that slowed us down, but we’ve had many more successes. In looking back on our last few years of security efforts, I’d like to share with you a few lessons learned:
What Didn’t Work
Focusing on what we don’t have.
There isn’t an organization that could not use more: more tools, more people, more time… As a member of the MS-ISAC mentoring program, I was regularly reminded that our struggles of not-enough are not unique. Within the mentor relationship I could ask the questions: “What are you doing?” and “How do you handle those hurdles?” Because of the consistent positive relationship, we were able to focus on the what-we-do-have and modestly mature our security program rather than languish in debate over the things we didn’t have.
Forgetting to create a vision.
During the 2015 MS-ISAC conference, I listened to several presentations that were good reminders that having a vision is the only way to really measure your program’s success. While a can-do attitude will help create momentum in your security program, it is like having a full tank of gas in your car with no destination in mind. By establishing and communicating a vision, the destination will be clear and the momentum created will have endurance.
What Did Work
“Focus on what you agree upon.”
I heard someone at the 2015 MS-ISAC annual conference say this. For me, this simple and powerful statement could not have been shared at a better time. By having agreement, it generally means the people involved are more invested and a successful outcome is more likely. While you may have some specific security activity that is required, we found by focusing on at least some tasks that were easy to agree upon, we were able to build positive relationships, tap into enthusiasm, and in the end make more progress than we’d anticipated. Sometimes the most valuable first steps aren’t the ones you’d expect.
Communicate with the end users.
At the 2015 MS-ISAC annual conference I had the pleasure of hearing directly from two members about their end-user awareness-training program. Fueled with their success stories, we increased our end-user outreach efforts. We not only improved our lines of communication with the end users, but we created many new security advocates across our organization. Our end users became visibility points and risk indicators as well as helped to create more items “that we agree upon.”
Get connected.
Like any new activity, it is easiest to learn from those who are already successful. As a part of the Intel and Analysis working group, I had an opportunity this year to hear directly from several members and solicit their advice. There are many successful MS-ISAC members, each of whom is proud of what they’ve accomplished and excited to share their knowledge and support. Get connected so you can tap into the experience and expertise of your peers.
Be patient.
Be patient – whether it was presentations at the annual conference or general story-telling with other members, I heard this message through many interactions with MS-ISAC members. Remember implementing security isn’t always solely about deploying a technology or a process – often there are cultural changes that need to happen first. When faced with change-preventing barriers, challenge yourself to find an opportunity to turn them into advocates for progress. Be patient with yourself and your organization, change takes time.
Remember, you are not alone in your mission.