Collaborative Strategies for Defence Teams

Cybersecurity isn't just about individual defence anymore. It's about collective defence. When businesses band together, share threats, and combine insights, they create a stronger front against hackers. How do you do that? 1) Join threat-sharing networks (very important). 2) Invest in community cyber initiatives. 3) Share best practices and learnings (pretty much a no-brainer). 4) Develop partnerships that enhance security awareness. 5) Remember: what protects one, protects all. If you think your company and it's data is secure, think again. If your neighbor gets compromised, those hackers are coming for you next. Sharing a list of threat-sharing networks here that could be useful. 1. 𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻 𝗦𝗵𝗮𝗿𝗶𝗻𝗴 𝗮𝗻𝗱 𝗔𝗻𝗮𝗹𝘆𝘀𝗶𝘀 𝗖𝗲𝗻𝘁𝗲𝗿𝘀 (𝗜𝗦𝗔𝗖𝘀): Various ISACs serve different industries, such as Financial Services ISAC (FS-ISAC) and Health Information Sharing and Analysis Center (H-ISAC). 2. 𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻 𝗦𝗵𝗮𝗿𝗶𝗻𝗴 𝗮𝗻𝗱 𝗔𝗻𝗮𝗹𝘆𝘀𝗶𝘀 𝗢𝗿𝗴𝗮𝗻𝗶𝘇𝗮𝘁𝗶𝗼𝗻𝘀 (𝗜𝗦𝗔𝗢𝘀): Similar to ISACs but broader, they facilitate information sharing across different sectors and regions. 3. 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝗻𝗱 𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗔𝗴𝗲𝗻𝗰𝘆 (𝗖𝗜𝗦𝗔): CISA provides a platform for sharing cyber threat information between government and private sector organizations. 4. 𝗨𝗦-𝗖𝗘𝗥𝗧 (𝗨𝗻𝗶𝘁𝗲𝗱 𝗦𝘁𝗮𝘁𝗲𝘀 𝗖𝗼𝗺𝗽𝘂𝘁𝗲𝗿 𝗘𝗺𝗲𝗿𝗴𝗲𝗻𝗰𝘆 𝗥𝗲𝗮𝗱𝗶𝗻𝗲𝘀𝘀 𝗧𝗲𝗮𝗺): Operated by CISA, US-CERT shares threat intelligence and incident response information. 5. 𝗠𝗜𝗦𝗣 (𝗠𝗮𝗹𝘄𝗮𝗿𝗲 𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻 𝗦𝗵𝗮𝗿𝗶𝗻𝗴 𝗣𝗹𝗮𝘁𝗳𝗼𝗿𝗺 & 𝗧𝗵𝗿𝗲𝗮𝘁 𝗦𝗵𝗮𝗿𝗶𝗻𝗴): An open-source platform for collecting, storing, and sharing cybersecurity indicators of compromise (IoCs). 6. 𝗜𝗻𝗳𝗿𝗮𝗚𝗮𝗿𝗱: A partnership between the FBI and members of the private sector to share information and intelligence to prevent hostile acts against the U.S. 7. 𝗙𝗜𝗥𝗦𝗧 (𝗙𝗼𝗿𝘂𝗺 𝗼𝗳 𝗜𝗻𝗰𝗶𝗱𝗲𝗻𝘁 𝗥𝗲𝘀𝗽𝗼𝗻𝘀𝗲 𝗮𝗻𝗱 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗧𝗲𝗮𝗺𝘀): A global organization that brings together computer security incident response teams (CSIRTs) to share information and promote cooperation. 8. 𝗧𝗵𝗲 𝗢𝗽𝗲𝗻 𝗧𝗵𝗿𝗲𝗮𝘁 𝗘𝘅𝗰𝗵𝗮𝗻𝗴𝗲 (𝗢𝗧𝗫): Operated by AlienVault, OTX is an open platform where threat researchers and security professionals share threat data. Stay vigilant.

Collaborative teams eliminate security vulnerabilities that siloed teams create. Here's how it works: When looking at enterprise IT structures, I see two distinct approaches with dramatically different outcomes: 𝗦𝗶𝗹𝗼𝗲𝗱 𝗔𝗽𝗽𝗿𝗼𝗮𝗰𝗵 (𝗟𝗲𝗳𝘁 𝘀𝗶𝗱𝗲): ↳ Security Team - Focuses on protection but remains disconnected from business objectives ↳ Infrastructure Team - Builds and maintains systems in isolation ↳ Development Team - Creates applications without integrating security Each team works independently. They communicate through tickets and leaves business users caught in the middle. This creates blind spots where threats thrive. 𝗖𝗼𝗹𝗹𝗮𝗯𝗼𝗿𝗮𝘁𝗶𝘃𝗲 𝗔𝗽𝗽𝗿𝗼𝗮𝗰𝗵 (𝗥𝗶𝗴𝗵𝘁 𝘀𝗶𝗱𝗲): ↳ Security Team - Integrates security throughout development lifecycle, provides proactive guidance rather than after-the-fact roadblocks ↳ Development Team - Creates applications with security built in from day one, leverages secure coding patterns and automated testing ↳ Infrastructure Team - Designs flexible, scalable environments that support both security requirements and development needs With business objectives at the center, information flows continuously between teams: ↳ Everyone takes responsibility for security rather than treating it as a bottleneck ↳ Teams identify vulnerabilities earlier when they cost less to fix ↳ Organizations achieve compliance naturally rather than through painful exercises The collaborative approach requires intentional design: ↳ Shared tools and platforms ↳ Cross-functional team meetings ↳ Unified metrics and KPIs ↳ Joint accountability for outcomes These aren't just theoretical concepts. I've seen organizations improve their security posture by breaking down these walls. Where does your organization fall on this spectrum? --- Follow Daniel Sarica for networking & cybersecurity insights and frameworks.

A common misperception is that the military is all about traditional, top-down org structures. Not true. A great example is Stan McChrystal’s “Team of Teams” model. Time and time again — as a leader in both military and corporate settings — I’ve seen how powerful this approach is. “Team of teams” reimagines organizational structure to succeed in dynamic and fast-changing environments. The goal? To break down silos and create a more adaptable, connected system. Core aspects of this framework include: 1) Shared consciousness Everyone in the organization should have access to the information and context they need to understand the larger mission. This transparency ensures that teams can align their actions and make decisions based on the bigger picture. We call it a common operating picture at Coherent. 2) Common purpose When everyone understands how their work contributes to the organization’s mission, it fosters engagement and drives people to consistently deliver their best. A clear purpose unites teams across functions. 3) Empowered execution Decentralized decision-making gives frontline teams the authority to act quickly and effectively without waiting for approval from higher-ups. This autonomy allows organizations to respond to challenges in real time. 4) Trust Trust is the glue that holds the “Team of Teams” model together. It enables openness, autonomy, and adaptability. Without trust, the connections and collaboration necessary for this model to succeed would break down. By adopting these principles, organizations can unlock the ability and cohesion needed to navigate our increasingly complex world. What do you think is the most important factor for creating a truly adaptable organization?