Welcome to Webinar 2 of our three-part series, The Other Side of Security. Today’s session is titled Security Analytics is a Team Sport. The IT security landscape is evolving rapidly. More users now access corporate email on their private phones, and many people are working remotely on a permanent basis. This creates a constantly shifting security landscape, often described as a “moving target.”
As a result, IT departments are facing a perpetual security marathon, requiring a combination of business strategy, policies, standards, procedures, and above all, accountability to maintain control. There’s no single tool or concept that can have a greater impact on cybersecurity than fostering a collaborative team effort. Remember, every team has a goalie, and every goalie has a team.
Last week, we addressed the relationship between security hygiene and cybersecurity. Today, we’ll be focusing on how security analytics is a team sport. Joining me are Joe Gross, Director of Solution Engineering, and Simon Huber, Solution Engineer at Greylog.
Jeff: Joe, say hi to the audience.
Joe: Hey, Jeff! How’s it going?
Jeff: Good! And Simon?
Simon: Hey Jeff! Ready with the dad jokes, as always.
Jeff: Awesome. So, let’s dive right into it. First question for you, Simon—what does it mean when we say “security analytics is a team sport?”
Simon: Thanks, Jeff. I think it builds on what we discussed in the last session. The concept of security analytics being a team sport is about creating a culture of security across the organization. It’s not just about the IT or security teams—it’s everyone’s responsibility. Whether you’re in the Windows team, Linux team, HR, marketing, or even facilities and manufacturing, security needs to be baked into everything we do. It’s about ensuring that everyone in the organization is working together to keep things as secure as possible.
Jeff: Great point, Simon. Joe, anything to add?
Joe: Absolutely. Simon hit the nail on the head. The only way we can effectively manage security is through collaboration. Everyone in the organization needs to be on board with upholding policies, reporting issues, and enabling security teams to do their jobs. It’s about rallying the organization around security the same way they would rally around their core business functions—whether it’s manufacturing, consulting, or accounting. Everyone plays a role.
Jeff: Speaking of collaboration, Joe, what’s the best way to actually make that happen across an organization?
Joe: Well, any change has to start from the top. Leadership—whether it’s the board, executives, or investors—needs to understand that security is essential for the business to achieve its goals. To get them on board, we need to consistently communicate security trends, the steps we’re taking, and how our efforts align with business objectives. Providing regular metrics and reports is key, so they can see the impact of security on the organization.
At a department level, creating security committees or assigning business partners from the security team to work closely with other departments can be effective. Understanding how different teams operate and what their unique security needs are helps build stronger relationships and trust.
Jeff: Simon, any thoughts on encouraging participation from across the organization?
Simon: Yeah, I agree with Joe. But I’d also say that it’s about finding a balance. Organizations can either invest in more processes and procedures, which may slow down operations, or they can integrate security into the culture in a way that feels natural. The latter tends to be more practical and cost-effective for most companies. Making security part of everyday activities—something that everyone contributes to—is more sustainable in the long run.
Jeff: Excellent insights. So, how do you get the average person, not in management, to participate in this security culture?
Joe: You need to communicate the purpose of security in a way that resonates with them. For example, create a clear security charter and market it internally. People need to understand why security is important and how it enables them to do their jobs better. It’s also about making security convenient for them—like ensuring they can work securely from their phones without too much hassle. If security measures are too disruptive, people will bypass them, so it’s all about balance.
Simon: I agree. I also think it’s about normalizing security practices. For instance, you see Fire Marshals in office buildings with high-visibility vests—it’s a role people understand and accept over time. The same should go for cybersecurity practices. Regular training, phishing simulations, and gamifying these activities can help. Keep it engaging so people remain aware of the importance of security in a fun, non-punitive way.
Jeff: That’s a great point, Simon. Making security fun and engaging is crucial. Now, Joe, once an organization has established this collaborative environment, what’s next?
Joe: Well, once that collaboration is in place, the security team can actually do their job effectively. Security needs participation from the entire organization to function at its best. Without that, it’s impossible to combat the advanced threats we face today. When everyone’s on board, security teams can focus on protecting the organization without constantly playing catch-up or trying to enforce policies that hinder productivity.
Jeff: Fantastic. That wraps up today’s session on Security Analytics as a Team Sport. Collaboration is key to moving forward as an organization and staying secure. Join us next Wednesday for the final part of the series, where we’ll be discussing the line between threat hunting and detection. Now, let’s open the floor for questions.