Any recommendations for improving communication between your IT/infosec teams? Specifically when it comes to teams working on patching/remediation.

Security & GRCThreat & Vulnerability Management
4.7k viewscircle icon9 Comments
Sort by:
Fractional CISO in Telecommunication2 years ago

The key in my opinion is to foster a positive cooperative relationship. Too often it’s a combative situation over how many patches have been deployed and how quickly.

Cooperation and mutual ways of improving is a better approach.

Deputy Chief Information Officer2 years ago

Consider implementing a Change Control Board (CCB) and fostering collaboration through regular meetings, cross-training initiatives, and the use of collaborative tools. Encourage joint training sessions and awareness programs to enhance cybersecurity knowledge across both teams. Do not forget to celebrate the successes together and foster a culture of continuous improvement. 

Director / Sr Principal, Global Products and Technology in Healthcare and Biotech2 years ago

To enhance collaboration, it's crucial to establish dedicated communication channels—be it Slack channels, regular meetings, or project management tools—where teams can share insights and updates promptly. Clearly defining roles, sharing information proactively, and collaborating on patch prioritization based on risk assessments are foundational. Additionally, fostering a culture of documentation, cross-training, and automation will streamline processes, while continuous feedback loops and joint simulations for incident response scenarios will strengthen our collective efforts. Executive support and alignment are vital to reinforce the significance of this collaborative approach at all levels of the organization. By implementing these measures, we can significantly improve the effectiveness of our patching and remediation activities while fostering a more cohesive working relationship between IT and InfoSec teams.

Director in Manufacturing2 years ago

Certainly, do everything within your capacity to foster a partnership and collaboration. In the initial stages of our IT/INFOSEC efforts, the dynamic was somewhat adversarial. For instance, Security would compile a scorecard highlighting everything IT failed to patch, neglected to address, or delayed in remediation—creating a predominantly negative atmosphere. The shift towards a collaborative approach occurred when both parties took ownership, working together on budget planning for upgrades and remediation efforts. The transformation became more pronounced when INFOSEC goals were harmonized with IT Security Goals, and the financial incentives for both IT and INFOSEC were tied to the overall success of the team. This alignment led to a significantly more collaborative environment.

Lightbulb on1
Lead AI Architect in IT Services2 years ago

ChatOps
Deployment automation
Configuration management
Immutable deployments where possible
Redeploy, don’t patch 
Run multiple deployments in parallel and do rolling upgrades 
Automated failover to a static maintenance page
Excellent monitoring and alerting 
Runbooks that everyone trusts and uses 

Content you might like

What are you currently using to monitor APIs for anomalies in transaction logic?

Any examples you can share of effective use cases for threat intelligence beyond cybersecurity? Have you had success applying threat intelligence beyond IT/cybersecurity to increase its ROI or better justify that investment?

Read More Comments

Post-pandemic, will your team be working fully remote, in-person, or hybrid?

Remote26%

In-person27%

Hybrid46%

View Results

Does your AI security approach include intent-based API monitoring?

Yes100%

No – we have intent-based API monitoring but don’t use it for AI security

We don’t use intent-based API monitoring

Other/unsure

View Results

Apart from applying the patches just released, what other mitigation tactics are you using to address the zero-day SharePoint vulnerabilities impacting on-premises servers?