Cybersecurity is a team sport — that’s the key takeaway from Tina Thorstenson, CrowdStrike Senior Director Public Sector Industry Solutions and Strategy, and her fellow speakers on the recent Executive Women’s Forum panel, Investments in Community Collaboration and the ROI during the Pandemic.
In a discussion moderated by Tina Slankas, senior manager at Accenture and featuring two other leaders in cybersecurity — Cybersecurity Program Coordinator for the State of Arizona Ilene Klein and Global Head of Security, Privacy and Risk Management at Wayfair Marnie Wilking — Tina discussed how important it is for cybersecurity professionals to work across the public and private sectors in their efforts to prevent and defend against today’s most critical cyberattacks.
This blog summarizes Tina’s suggestions for the three key ways cyber professionals, and women in particular, can “play for the same team” while also helping to maximize their organizations’ cybersecurity.
1. Prioritize information sharing — and honor the trust of your network.
Cyber criminals have a routine. They use the same tactics on new targets knowing that victims rarely warn others of their experiences. When that information isn’t shared, future targets remain vulnerable to criminal exploits — and the adversaries remain confident and well-funded.
“We have to bolster information sharing,” notes Thorstenson. “It starts with listening and being willing to share. I focus on the listening part because I need to know what’s top of mind for my customers, peers and the community to know how I can help.”
The panelists added that trust is another necessary component of this equation, as partners will only feel empowered to share information if they know that sensitive details will remain private.
Action Item: Create a process that your organization can follow to pass along relevant proactive cybersecurity program activities as well as actionable, accurate information to your network in the event of a security incident. Develop a plan for how your company will pass along any credible warnings it receives.
2. Broaden your local intelligence networks.
One of the main recommendations offered by Thorstenson and echoed by the rest of the panel was to break down the barriers between the public and private sector — particularly as it relates to the FBI, local law enforcement and other government groups.
“When the FBI launched a cyber team in Arizona, I had an introductory meeting with them in my previous role as deputy CIO at Arizona State University,” says Thorstenson. “And then, it just so happened that the very same day, a significant incident happened at ASU. So I called them back within hours.”
For her, that meeting was the beginning of a strong and lasting partnership — one that was instrumental in creating a broader cyber-sharing community in Arizona. The other panelists shared similar experiences in the retail and financial services world, suggesting that these relationships are critical across virtually every sector and for every company, no matter how big or small.
Action Item: Reach out to your private sector FBI representative and engage your local law enforcement teams to begin building working partnerships.
3. Build your network.
Relationship-building is the key to strengthening our collective cybersecurity defenses. According to the panelists, creating a network of people who share your goals and understand your challenges is an important element of success.
With the stakes so high, the panelists took steps to create the community they needed to advance their missions. For example, Marnie held a quarterly breakfast at the Wayfair office — an occasion that is now a monthly digital breakfast due to the pandemic. Ilene has helped organize a monthly cyber threat briefing for government contacts and critical infrastructure partners through the safe fusion center.
“It’s important to find that handful of contacts and partners that are on your speed dial list when something goes wrong,” confirms Thorstenson. “At ASU, we got it right most of the time, but every now and then we need something yesterday. That’s when the network comes in—and CrowdStrike was on our speed dial list.”
Action item: Don’t wait for someone else to create the community you need. Start building your network in the way that works for you — be it through one-on-one meetings, a group breakfast or an industry briefing.To learn more about EWF and the recent panel, please visit The Executive Women’s Forum website. And for more tips and insights from Tina, look for her interview in our 5 Questions series coming soon.Does working for CrowdStrike sound interesting to you? Visit the CrowdStrike career page to learn more about our teams, our culture and current open positions.