Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Education & Training

4 Ways to Improve IT Collaboration

By Ron Woerner
Employees over a computer
March 1, 2013

For a long time, security was its own entity in the IT infrastructure. Security and IT didn’t always see eye to eye, and there were often points of contention. Nowadays, as collaboration between the two has become more common, both IT and security are combining forces to better understand the risks and threats to the enterprise.  IT looks at security for expertise on finding weaknesses, how they can exploited, and how big that particular weakness or vulnerability is. Security needs IT to help implement proper controls.

As this collaboration increases, there are four ways for security professionals to better understand the relationship between security and IT (and even the business) in order to better protect the enterprise and make themselves more valuable to their companies in the process:

1)         Get out of your chair. You don’t establish relationships by sitting at your desk and sending emails. You establish relationships by talking to people as much as possible, whether it be face-to-face, over the phone or using new technologies, such as Skype. Develop relationships with those in the IT department and in other business areas within your company. As you develop these relationships, start to work on building trust by listening to the problems of those in other business areas and sharing your problems as well. Help your colleagues by showing them that you care about their issues and want to help them solve their problems. People don’t care how much you know until they know how much you care.

This also means becoming involved with different organizations, whether it be a local or online chapter. Some of the larger organizations are ISSA (the  Information System Security Association) and ISC2 (the International Information Systems Security Certification Consortium). Both of these have local and national chapters. Another is InfraGard, which is an organization that works in conjunction with the FBI to discuss all aspects of security.   

 Participating in these groups will make you realize that you are not alone as a security professional. Others have walked the same path for years and are eager to help those in their community.

2)         Attend conferences and meetings at both the local and national level. This ties into No. 1 quite a bit, but it’s important for security professionals to attend both security and IT conferences. These are opportunities for you to get out and meet people and to find out what are the latest threats and vulnerabilities. At the conferences, you can watch presentations from industry experts to stay up to date on what’s happening out there in the world of IT and in the world of security – or even in the world of business. You can also learn more about the current best practices and standards by talking with those that are at the cutting-edge of their process or technology.

3)         Pursue formal training and/or education. First, understand the difference between training and education. Training will teach you a very specific skill, while education teaches you the critical thinking necessary to work with those skills. On the training side, there are numerous classes you can take to boost a particular skill.

On the education side, it is important to realize that technology alone does not solve or prevent problems. Technologies are just tools you use by having the right training and experience. With education comes the knowledge and critical thinking skill set necessary to solve not just one problem but multiple problems. Another thing that education gives you is exposure to different subject areas and problems within each of these subjects, as well as knowledge about how to solve these problems using many different types of tools and techniques.

You’ll need the right combination of training and education in order to get hired and do well in your position. There is no magic bullet where you can say, “Well, if you do all of this, you’ll be guaranteed a job.”

4)         Always Be Curious (ABC). You can also call this “always be learning.” One good problem-solving technique that I use all the time is called the “five whys.” Ask yourself why five times. For example, why is this a problem? Why did this occur? Why wasn’t this prevented? Why is this the best solution? Why will my solution prevent the problem from occurring again? This includes using the professional network discussed in the earlier points to discuss the situation with professionals both inside and outside your company. Make sure to read current news, websites, blogs and literature. Going back to the collaboration between security and IT, don’t just read about security but also read about IT and the business practices in other parts of your industry. Understand how your business works, and what your company is in business to do. Most companies are not in business to do security, and you should know what your business processes are.

Another important part of being curious is studying on your own. Do your homework. If you aren’t familiar with a topic, you don’t need a big budget in order to learn more about it. There are a ton of free resources on the Internet. In addition, don’t be afraid to use your network to learn more. If you don’t know much about a particular technology, find an expert to answer your question. Ninety-nine percent of the time, someone will be willing to help you if you come across as being curious and wanting to learn.

The last part is being willing to play. Get out and practice on your own systems. Try out new things, and set up your own virtual lab. It doesn’t cost anything, and PCs are so robust nowadays that it is very easy to set up a virtual lab on one computer. One of the best ways to learn is to use your own systems, and if you accidentally destroy something, all that is harmed is one of your own systems. And, if it’s a virtual system, you can just wipe it away and restart it without hurting your base system.

One thing to keep in mind is that to be a good security professional, the most important attribute is maturity. Once you’ve been around the block and understand how things work, you will know how to influence your environment in a positive fashion in order to improve security.  In addition, you will know how to see things from others’ viewpoints in order to understand whether they have a valid concern or are just throwing up a roadblock. But, how does one gain this maturity? This goes back to attending conferences, pursuing more training and education, and remaining curious. Performing these activities within your organization and outside network will give you a chance to learn how things have been done in the past, whether procedures or solutions can be successful, and whether there might be some pitfalls.

This maturity will also help you tackle complicated problems and come up with more than one potential solution, as problems often are not black and white with only one solution. Proper problem definition is often a key challenge, and these techniques will put you in a position to best identify ways to approach problems and solutions from both a technical and non-technical standpoint. 

 

This article was previously published in the print magazine as "Want Better IT Collaboration? Be Willing to Play (and other tips)."

KEYWORDS: CISO collaboration with IT interdepartmental cooperation security training

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Ron Woerner is a noted speaker and writer in the security industry and the Director of the M.S. Cybersecurity program at Bellevue University, an award-winning leader in educating adult learners online and in the classroom. He has 20 years of corporate experience in information technology and security, and he has worked for HDR, TD Ameritrade, ConAgra Foods, Mutual of Omaha, CSG Systems and the State of Nebraska. Ron earned his B.S. in computer science from Michigan State University and his M.S. in information resources management from Syracuse University. He is a Certified Information Security Professional (CISSP) and Certified Ethical Hacker (CEH).

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Red laptop

Cybersecurity leaders discuss Oracle’s second recent hack

Pills spilled

More than 20,000 sensitive medical records exposed

Coding on screen

Research reveals mass scanning and exploitation campaigns

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Corporate cyber war

    4 Challenges to Address in Corporate Cyber War

    See More
  • Education feature image

    Educating Employees to Build Better Cyber Security

    See More
  • Generic Image for Cyber Security

    Hire a Hacker: A 2013 Security Imperative

    See More

Events

View AllSubmit An Event
  • October 17, 2024

    How to Assess and Hone Your Security Program

    ON DEMAND: In this webinar, Erik Antons, a security risk management executive with more than 20 years of working in the Federal Government, energy, hospitality, and manufacturing sectors, shares his perspective on the building blocks of a successful manufacturing security program.
  • January 17, 2012

    Axis Communications' Academy 2-day Fundamentals Training

    Network Video Fundamentals is the building block of the Axis Communications' Academy training program. The fundamentals have been developed and refined to meet the educational requirements of both traditional analog CCTV and IT professionals.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing