Mind the Tech Gap Addressing the Conflicts between IT and Security Teams

IT and cybersecurity teams have had a long-standing battle between functionality and security. But why? To understand where the problem lies, this book will explore the different job functions, goals, relationships, and other factors that may impact how IT and cybersecurity teams interact. With different levels of budget, competing goals, and a history of lack of communication, there is a lot of work to do to bring these teams together. Empathy and emotional intelligence are common phenomena discussed in leadership books, so why not at the practitioner level? Technical teams are constantly juggling projects, engineering tasks, risk management activities, security configurations, remediating audit findings, and the list goes on. Understanding how psychology and human factors engineering practices can improve both IT and cybersecurity teams can positively impact those relationships, as well as strengthen both functionality and security. There is no reason to have these teams at odds or competing for their own team’s mission; align the missions, and align the teams. The goal is to identify the problems in your own team or organization and apply the principles within to improve how teams communicate, collaborate, and compromise. Each organization will have its own unique challenges but following the question guide will help to identify other technical gaps horizontally or vertically.

Chapter 1: Background of IT and Cybersecurity Fields Chapter 2: Roles and Responsibilities in IT Chapter 3: Roles and Responsibilities in Cybersecurity Chapter 4: Where IT Meets Cybersecurity Chapter 5: The Disconnect (IT vs Cybersecurity) Chapter 6: Separation of Duties Chapter 7: Management Interference Chapter 8: Financial Issues and Responsibilities Chapter 9: Education Gaps Between IT and Cybersecurity Chapter 10: Bridging the Technology and Cybersecurity Gap Chapter 11: Embracing Functionality and Security Chapter 12: Creating New Roles Chapter 13: Building Trust and New Relationships Chapter 14: Path Forward

Nikki Robinson earned a DSc in Cybersecurity, several industry certifications including CISSP, and is a Security Architect by day, and an Adjunct Professor at night. She had more than 10 years of experience in IT operations before moving into the security field about 3 years ago. She studied vulnerability chaining concepts and completed her PhD in Human Factors to combine psychological and technical aspects to improve security programs. She has a passion for teaching and mentoring others on risk management, network defense strategies, and DFIR. She is currently a Security Architect and has technical experience in continuous monitoring, risk management, digital forensics, and incident response. She has spoken at several conferences on a variety of topics from human factors security engineering, malicious website graphing, and DevSecOps.