News & Resources

Agile insights from LitheSpeed
31
Jan

CyberAgility: Using Agile to Improve CyberSecurity Value Delivery

In today’s world, Cybersecurity is at the forefront of world news.  Some of our clients experience 12 million plus hacking attempts per month.  Given the magnitude of risk to an organization, traditional waterfall delivery methods for Cybersecurity solutions will put an organization way behind the 8 ball when it comes to fending off attacks; there is no way that they will be able to respond to threats fast enough.  To respond to these threats faster, LitheSpeed has been helping clients incorporate agile practices into their Information Security practices with great success.  We call this combination of Agile and Information Security CyberAgility.  Building CyberAgility practices into the culture of an organization can help strengthen its defenses at a much faster pace than traditional methods.

CyberAgility reduces company risk by decreasing time to value for tools and methodologies that protect the organization.   

This includes the ability for a company to pro-actively defend itself against cybersecurity threats (denial of service attacks, data breach prevention), provide operational support (system access requests), complete audit requests (have we documented what we do, and do we do what we documented), as well as quickly responding to real-time events as they occur.

Here are some examples of how CyberAgilty has helped in several areas of Information Security:

Data Loss Prevention:

We helped create a dedicated team that could build, test, and implement enterprise policies that scanned for potential data loss.  The team was able to identify a subset of potential threats in 25% of the time that it would have taken using waterfall methodologies.

Operational monitoring and alerting:

We helped establish a dedicated team that could create, test and implement monitoring and alerts, and the team was able to implement monitoring and alerts in about 1/3 the time compared to the previous methodology.  Tying back to value, this means that we reduced organizational risk 67% faster.

Controls Testing:

Most organizations have a set of controls that need to be tested on a regular basis.  Typically, there is an operational team responsible for managing the controls lifecycle for the enterprise.  By helping this team create a Kanban model, which included visualizing all work and clearly documenting the process each control follows, we were able to gain enterprise transparency so that all impacted groups and stakeholders understood where their specific control was in the testing and certification process.  This effort also helped us identify non-value added steps and roadblocks that could then be reconfigured to help with the flow of the controls.

So how can Cybersecurity teams transition to an Agile style of working?

In many ways, an Agile transformation in Cybersecurity follows very similar patterns that any other Agile transformation experiences.  Specifically:

  1. There is a need to align the organization on the goals of a transformation, both at the Leadership level and the performer level.  Failure to gain alignment will cause challenges across the board, but again, are not unique.
  2. Change is hard in an organization.  Managing change is also critical to ensuring the success of a transformation.  The book Who Moved My Cheese does a great job of capturing the essence of people and the various ways they handle change.  Achieving CyberAgility does require a good bit of coaching and training on letting go of the old cheese and embracing new cheese, as it were.
  3. Continuous coaching and grounding back to the organization’s transformation training goals and objectives is imperative.

Is your team ready?  Here’s a sample roadmap to get started.

CyberAgility Transformation Roadmap:

Step 1: Define the Objectives and Key Results (OKRs) that you will use to measure success.

  1. Shifting from 12-18 month lead times to value in 3 months or less
  2. Increase agility for faster responses to cyber threats
  3. Drive Operational Efficiency by reducing waste, eliminate the low value-add tasks
  4. Seamless integration with development teams to push security to the left

Step 2:  Run discovery sessions with leadership and key resources in the department to capture the general flow of work and pain points that exist.

Step 3:  Based on the OKRs and discovery sessions, create cross-functional pilot teams that are aligned around a service delivery instead of aligning around a specific tool.
Step 4: Train the pilot teams, then actively coach each pilot team through the delivery transformation.

Step 5: Continually learn from the pilot teams and begin to build out a rollout plan for the rest of the organization.

Step 6: Begin rolling out new teams (repeating steps 4 and 5 for each new team).

Step 7: Introduce a maturity model and help teams progress to become high performing teams.

Step 8: Start planning for a scaled model.


Contact us for help strengthening CyberAgility at your organization.