People, process and technology – this is the security trifecta that organizations often strive to optimize as they modernize their threat detection and response capabilities. With incredible new SOC tools emerging thanks to machine learning and artificial intelligence, it’s easy to focus on the technology side of that equation. However, there’s a lot of ground to be gained when it comes to your “people”.

As we developed the Awake Network Detection and Response platform, we talked to over 200 security teams to understand what their needs were, what worked well and what didn’t, and, importantly, what made them tick. As Gary Golomb, one of our co-founders, put it, “Engaging with those teams and my own personal experience working with hundreds of top security professionals has highlighted the practices, attitudes and intuitions I see consistently across the best. And what’s amazing is that the teams that adhere to these practices seem to develop a ‘factory’ that takes security professionals at any career stage and gets productivity out of them as if they were highly experienced analysts.”

Those lessons have influenced our product strategy. We have built, and continue to endeavor to build, these practices and “skills” into our network traffic analysis solution. But just stopping there felt like a shame. So, we went ahead and documented these patterns of best practices in what we are calling the “7 Habits of Highly Effective Security Teams.”

We are thankful to all the security pros (you know who you are 😉) that have shaped these thoughts and helped review as we iterated. These habits are by no means done or final. We hope to continue to evolve them as we learn more. We would also love to hear your thoughts on what you agree or disagree with, and what has worked well for your team that perhaps we haven’t considered. Drop us a line at [email protected][.]com. Your people are a vital part of securing your organization against cyber threats and attacks, so ensuring you have the right team with the right habits is critical.

P.S. On a related note, Gary also recently authored an article for Dark Reading highlighting these habits. It’s worth taking a moment to read.

By Rudolph Araujo