Close this search box.

What makes a lean security team tick

SIEM platform

When budgets and resources are high, security teams have the luxury of building complex security infrastructures made up of only best-of-breed security products. See a new widget that claims to solve a narrow security challenge. Sure, add it to the stack. Heard about a revolutionary way to do this or that slightly better; no problem, we will just rip out what we have deployed and use this newer, slightly better product instead. However, we all know this world doesn’t exist for the security team that has to fight for every dollar of their security budget. These teams might use computers a little older than they would like, and their monitors might not be as large as they want. Still, despite shoestring budgets and stretched resources, they deliver security outcomes that any organization would be grateful to achieve. So how do they do it? 

Firewall Traffic Analysis

  • Adaptability: Cybersecurity, like any other discipline, is a conglomeration of several different activities that, in one way or another, aim to keep an attacker from reaching their goal. When an organization is working with big budgets, they have the flexibility to build out a security team where analysts focus on any of these specific activities. For instance, you may have analysts focusing specifically on managing firewalls and network protection systems while others only concentrate on endpoints. In lean security teams, however, the flexibility to specialize does not exist. While you may still have members of the team that have deep expertise in a specific aspect of cybersecurity, they do far more than just handle security issues that fall inside that area. This adaptability enables the lean security team to deliver the security outcomes required by the business.
  • Selfless: As a person who grew up playing organized sports, football specifically, I learned early on that the team’s goals were far more important than any specific goals I had in mind. When the team succeeded, I succeeded. And for the team to succeed, I had to do my job every day. We find this selflessness in many lean security teams. In the lean security team, everyone is at the ready to help anyone struggling with an incident. When any analyst wins, with the team’s help, everyone wins. That’s all that matters.
  • Working Smarter, Not Harder: Finally, when looking at a lean security team, we often find a management team that takes the maxim, “work smarter, not harder,” to heart. This management team is always looking for ways to minimize the manual workload on their teams, to squeeze everything they can out of their team. One great way to see that you are working with a highly effective lean security team is by reviewing their tools to get the job done. You will no doubt find that anything that can be automated has been automated, from data collection, to threat detection and ultimately through incident response. These teams use security products that require minimal custom configurations and can offer value right out of the box. For instance, while their automated response capabilities may not be as sophisticated as you could achieve with a complex stand-alone SOAR product, they enable the lean security team to stop and mitigate threats as quickly as possible, which is their goal.  

I commend anyone undertaking a career in cybersecurity. You will work under constant pressure to keep an environment secure. Unfortunately, your efforts may go unnoticed for days, weeks on end, especially when everything goes as planned (when is the last time you called your utility company to thank them for keeping the lights on). 

For the lean security team, this goes double.  To learn more about how Stellar Cyber helps lean security teams tick, set up a meeting with us today!