Page 197 - Cyber Defense eMagazine March 2024
P. 197

This culture change also involves recognizing and rewarding good security practices. By highlighting
            instances  where  teams  have  successfully  balanced  innovation  with  security,  organizations  can
            demonstrate the value of good friction in action. This not only reinforces the desired behavior but also
            shows that the organization values security as an enabler of innovation.




            Challenges and Considerations

            Adopting a system of guidelines and guardrails is not without its challenges. It requires a delicate balance
            between providing enough freedom to innovate and ensuring adequate security measures are in place.
            Organizations must clearly articulate the rules to avoid ambiguity that could lead to security lapses.  They
            must monitor the guardrails to ensure no one leaps over them to run outside the business’ chosen path.
            Critically,  this  approach  demands  a  higher  level  of  security  awareness  among  all  employees,
            necessitating ongoing education and engagement initiatives.

            The transition to good friction requires a shift in mindset at all levels of the organization. It involves trusting
            teams  to  make  the  right  decisions  within  the  defined  guardrails  and  being  open  to  adjusting  these
            guidelines as the business and its security needs evolve.



            Conclusion

            In the quest for robust cybersecurity, replacing bad friction with good friction represents a paradigm shift
            towards a more agile, innovative, and secure organization. By adopting a system of clear guidelines and
            guardrails instead of barriers, businesses can empower their teams to make informed decisions that
            balance  the  need  for  innovation  with  the  imperative  of  risk  management.  This  approach  not  only
            synchronizes cybersecurity to the pace of business, but also cultivates a culture of security mindfulness
            that permeates every level of the organization. As we move forward in this digital age, embracing good
            friction in cybersecurity is not just beneficial; it's essential for maintaining competitive advantage in an
            increasingly complex landscape.



            About the Author

            Craig Burland is CISO of Inversion6. Craig brings decades of pertinent industry
            experience  to  Inversion6,  including  his  most  recent  role  leading  information
            security operations for a Fortune 200 Company. He is also a former Technical Co-
            Chair of the Northeast Ohio Cyber Consortium and a former Customer Advisory
            Board  Member  for  Solutionary  MSSP,  NTT  Global  Security,  and  Oracle  Web
            Center. Craig can be reached online at LinkedIn    and at our company website
            http://www.inversion6.com.









            Cyber Defense eMagazine – March 2024 Edition                                                                                                                                                                                                          197
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   192   193   194   195   196   197   198   199   200   201   202