Although that particular attack occurred in 2016, the risks have only increased since then. To build a strong and resilient security operations team, speakers on the webinar recommended the following actions.
3 Tips for Building a Strong Cybersecurity Operations Team
1. Build Clear Communication Strategies
Organizations should establish internal and external communication pathways for sharing information about potential and known breaches. Security teams need to know when to contact top administrators, as well as IT personnel, contractors and employees outside of IT.
MORE FROM HEALTHTECH: Here's how digital and omnichannel platforms modernize patient access.
For external audiences, IT security teams need clear protocols that define when and how to inform external counsel, patients and the public. As an administrative backup, these instructions should be printed on paper and distributed to key stakeholders.
2. Practice Detecting and Responding to Threats
The Center for Internet Security offers free exercises in which teams can practice responding to scenarios such as malware infections and cloud infiltrations. Running through these incident scenarios once a month can help a security team stay updated on new threats. It can also show an organization where communication and response gaps may exist.
“Study those situations, work with people and develop workstreams to build a response,” Shpantzer said. “Who knows how to detect the threat? Who knows who to call? Who makes the business decisions?”
3. Develop and Provide Resources for Your Team
MITRE, a nonprofit organization that operates federally funded R&D centers on behalf of state, local and federal governments, recommends a review to ensure you have the optimal number of analysts needed to meet your organization’s security operations center demands. It also emphasizes that opportunities and training are key for efficient and resilient teams.
DIVE DEEPER: Here's how new technologies create opportunity for healthcare providers.
For example, use creative analysts to write code that can automate security activities. Those are the staff members you want to hire and keep.
“The whole idea of a CV and a skill set is not what we’re looking for anymore,” said Vetter. “It’s attributes like perseverance.”