Teaming for the Cybersecurity Professional, a Brief Overview

Dec 08, 2021
5 minutes

Every Cybersecurity professional is aware of the many disciplines that compose the industry and that solving the increasingly complex problems that the industry faces requires either broad knowledge at the individual level or strong cross functional teamwork. However, the standard model of a team falls short in the rapidly changing landscape of cybersecurity.

The wash-rinse-repeat approach of, for example, a sports team training to win a game (with each team member mastering their role and regularly practicing together) simply doesn’t fit when the goal is uncertain, team members cycle with projects, or a breakthrough solution is required. A better approach that can be practiced at the individual or leadership levels is the understanding and application of the process of teaming.

What is Teaming and How Can it Benefit You?

The concepts that make up teaming were explored by Harvard Business School professor Amy C. Edmondson in her 2012 book Teaming: How Organizations Learn, Innovate, and Compete in the Knowledge Economy, in her follow-on 2013 book Teaming to Innovate, and in a TED talk she gave in 2018 titled “How to turn a group of strangers into a team.” Edmondson uses the term ‘teaming’ in order to emphasize the activity of working together, because it is an active process, vs. a team, which is a static entity.

She identified four pillars for successful teaming: Speaking up, Collaboration, Experimentation, and Reflection. Speaking up includes things like asking questions, offering ideas, talking about errors, seeking help, or offering assistance and is not limited to your role on a team, but rather to the team's work as a whole. Collaboration includes seeking information, sharing information, and coordinating with the other components of your team. Experimentation is the act of learning from action and involves testing your ideas and seeing what effects they have on the team and your project. Reflection is the continuous examination of the team's actions to learn from the results and inspire new ideas.

Edmondson identified the pillars through years of research and gives numerous examples of successful teaming, including the rescue of 33 trapped men in the 2010 Chilean mine collapse and the development and release of the world's thinnest phone at it’s time, the Motorola RAZR, in 2004. The process of teaming works well in situations with many unknowns and/or with ambitious goals.

As a cybersecurity professional, you’ll frequently find yourself in situations like responding to an incident, developing a countermeasure for some exploit, or planning for an emerging threat where you may or may not know your teammates very well and/or are racing against the clock. You can apply the teaming pillars in these situations to help drive success. Bring your ideas to the table, whether they’re for your own role or another component of the team. Don’t hesitate to offer your own insights, suggestions, and perspectives even if you're unsure of yourself. Every bit of information is useful in some way. Take the time to learn the other components of the team, learn about your teammates and their perspectives, and ask for help when needed. Try new things without the fear of failure. The process of learning from those failures can lead to new insights and innovative ideas.

Recognize and Encourage Teaming for Continued Success

The application is a bit different for a leadership role. As a leader, you need to enable the process for your team. Edmondson spends a great deal of time covering this in her book. In short, as a leader you need to encourage the team to share ideas, learn from and assist each other, and make it a safe environment for them to do so. Of high importance is the acceptance of failure as a tool to learn and innovate.

You may have already seen teaming at work but didn’t recognize it as a repeatable process. I’m currently working on a project that showcases all of the aspects of teaming, but it took an organic approach to get there. The project is an ideal candidate for teaming as it involves ever changing expectations from a client, a scalable team to meet demand requirements, and constant innovation to adapt to the investigative landscape. The project started off with a small group of cybersecurity consultants and managers building a process from scratch for performing and reporting on a technical analysis that none of them had any direct experience in. They learned from the client, each other, their successes, and failures. The client was pleased with the initial results and increased the workload. The team responded by increasing its manpower.

The new team members, with no experience in this particular type of work, were able to rapidly learn the technical work and processes from the veteran team members and began contributing almost immediately. As the team's familiarity with the work increased, it began innovating and increasing efficiency. In turn, the workload decreased, so members rolled off. When the client presents new types of work, the team adapts, expanding if needed or shifting around resources to build out new processes. The fluid nature of the teaming process allowed the project to grow with the client and establish a lasting partnership that understands and adapts with the client’s needs.

Teaming is a process that is uniquely fit for application in the realm of cybersecurity. It allows for a large amount of adaptability while encouraging innovation and is useful when facing complex problems with lots of unknowns. The application of its underlying concepts already occurs organically in some instances, but they can also be consciously applied by an individual contributor or leader to drive success.

Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.