Three ways to break the blame culture on security teams

Between operating with a drastic talent shortage, dealing with increased threat actor sophistication, and navigating decreased infosec budgets, cyber pros have been under immense pressure over the past few years.

Ensuring that network operations (NetOps) and security operations (SecOps) teams are performing at maximum capacity, both from a technical and human perspective, remains imperative to organizational health. IT leaders are continuing to ramp up their technical defenses against the ever-present threat actors. However, they often neglect the human aspect that contributes to an organization’s vulnerability.

Blame culture in cybersecurity

The threat landscape has become increasingly dangerous while the cybersecurity industry faces a personnel shortage, with 700,000 open positions today in the U.S. This combination means cyber pros should fire on all cylinders when faced with adversity. Unfortunately, that’s not the case as there’s an overwhelming presence of blame culture that takes place when a cyber incident occurs.

Blame culture results in the finger-pointing that takes place once a malicious actor presents itself. Rather than immediately reporting and responding to the incident, leadership and those involved are more likely to point their fingers and do their best to shift the blame – ultimately hurting efficiency and delaying the ability to make critical changes.

A recent survey suggests that 88% of global security teams believe blame culture exists, and many believe it slows the speed at which teams respond to incidents, making SecOps teams counterproductive. It’s even more prevalent in the U.S., with 92% of U.S. security teams experiencing it. Of the professionals who have experienced blame culture, 94% believe that it slows down the speed at which reporting and responding to a threat gets done. More seriously, blame culture leading to a lack of transparency has been held up as a root cause of ransomware exploits becoming more prevalent.

During a time when ransomware crises are increasingly disruptive and common, it’s more important than ever that teams are operating at full capacity, not getting bogged down by miscommunications. To accomplish this, organizations should implement the following to move away from blame culture:

  • Promote transparency and communication within the security team.

Any good leader knows that security teams are only as strong as their weakest link, and with internal threats like blame culture on the table, it’s important to prioritize a strong sense of team unity. In fact, 42% of security professionals believe this can help mitigate blame culture. Security leaders should promote communication and transparency within their teams. This will help strengthen relationships and build trust within the team so that when faced with adversity, they rally together rather than look for a scapegoat. As simple as it sounds, even encouraging team bonding opportunities such as social hours or buddy systems can strengthen the culture within a team to withstand challenges together.

  • Enable deep observability.

Aside from strengthening team dynamics and culture, it’s important to implement proper technical tools and perspectives into company networks. Notably, companies can mitigate blame culture by deploying deep observability tools into an organization’s network. In fact, over a quarter (24%) of CISOs/CIOs claimed having deep observability will combat blame culture. Enacting deep observability can help prevent ransomware attacks and other threats from happening in the first place – reducing tension and conflict among NetOps and SecOps in general.

That said, for cybersecurity leaders, there are never-ending stressors. And most cyber leaders I know have an extreme sense of fear-of-missing-out (FOMO) on a threat actor. If they’re given the tools to see everything in one place, through deep observability, they will have less FOMO and as a result, less stress.

  • Embrace a security-first mindset across the organization.

NetOps and SecOps teams aren’t the only ones that carry the responsibility of the organization’s overall cybersecurity hygiene. One in three employees doesn’t understand the importance of cybersecurity, which leads to an influx of threats and added stressors on the security teams as a whole. Educating the entire workforce and enacting regular security training and check-ins will significantly improve an organization’s security posture, in turn putting less pressure and workload on security teams.

An organization’s security posture depends on each member within the organization taking responsibility for security. As we continue working through a particularly challenging chapter for cybersecurity professionals, with the noticeable personnel shortage and historically malicious threat actors, companies must support their security teams.

Blame culture exists and it’s a problem. Security leaders must acknowledge its existence within their organizations and combat its impact by promoting transparency and communication within their teams, leveraging deep observability, and deploying security-first mindsets across their organizations.

Ian Farquhar, field chief technology officer, Gigamon
