Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity Leadership and ManagementSecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Orchestrating Cybersecurity Across the Business Ecosystem

A cyber leader’s guide to learning the business and providing precise support.

By Matthew Doan
digital-cyber
November 7, 2019

We’re now in the throes of digital transformation. In terms of hype, we’re now beginning to edge our way up the “slope of enlightenment,” as Gartner would say. Many organizations are slowly clawing their way forward, grasping the reality that it’s not just about digitizing products and services, but entire business models.

Increasing a business’ digital competence is a need that’ll never go away; continual transformation is required to be competitive in the market. So much hinges on getting digital right that entire new disciplines and executive roles are springing up, including the Chief Digital Officer and Chief Transformation Officer. Change makes many people uncomfortable, but it’s a necessity. Ben Franklin was a man ahead of his time stating, “When you’re finished changing, you’re finished.”

Talking the talk is easy but walking the walk of digital transformation is tricky. Truly digitally-minded organizations are feeling the pains of gaining real traction: organizational resistance, re-engineering the customer experience and making data sources widely accessible are all tough propositions. But one item clearly sits near the top of everyone’s “roadblock” list: cybersecurity.

With on-premise infrastructure quickly fading away and the perimeter now gone, there’s no way to neatly box the cyber problem and treat it with commodity solutions. Modern business is now characterized by a chaotic, hard-to-map web of products, services, business processes, data, applications, infrastructure, organizations and people. Yes, this construct creates customer value…and it produces cyber risk that spreads like wildfire.

The Value of Seeing Your World Through an “Ecosystem” Lens

Despite the challenges of being digital, it’s within this disorder where opportunity lies. As a leader, it’s your task to find stillness and clarity amidst the sprawling and morphing organism known as your business, and help secure it. In fact, we can extend the organism analogy further by learning from the natural sciences realm. It helps to view a business as an ecosystem. Much like scientists in climatology, ecology and biology have used the ecosystem concept to tackle wicked problems in those fields, we can study modern businesses through an ecosystem lens and use those insights to make better decisions, especially in cybersecurity.

British ecologist Sir Arthur George Tansley first coined the term “ecosystem” in a 1935 essay to describe the dynamic transfer of materials between organisms in a given environment. He stated that all the components in an ecosystem are interdependent, needing one another to survive and serve their purpose. Anything that does not fit these criteria is, by definition, not part of the ecosystem. Countless studies show us that it’s the diversity of the environment that keeps an ecosystem productive, stable and durable. Cybersecurity is the same – an ecosystem challenge.

Shedding Light on the Top Need in Cyber

When you start viewing security from an ecosystem standpoint, you’ll see a wealth of dynamics at play. You’ll discover the interdependence among diverse entities, how there are “loops” everywhere and the existence of both living and non-living parts. While insightful, gaining this knowledge can quickly overwhelm any leader and make every challenge feel both critical and urgent. Luckily, there is a key need that every cyber leader should fixate on to bring better cybersecurity across their business ecosystem.

Let’s first acknowledge the noise. Today’s cyber leaders feel a wide range of “hard” and “soft” pains as they help manage enterprise risk and (hopefully) create value. With the former, many organizations are drowning in technical debt accumulated over years (e.g., unwieldy technology infrastructures from M&A activity or security tool overload), they lack clear visibility into their attack surface, or they face difficulty installing good security practices into evolving domains (e.g., cloud, manufacturing, and DevOps). As importantly, cyber leaders struggle with the softer side of the coin: reliably accessing high-end talent, measuring and reporting return on investment and influencing a diverse stakeholder community.

These problems are complex and sophisticated. They require both managerial precision and higher-order leadership (e.g., empathy, abstract thinking and creativity).

It’s easy to get frustrated by the laundry list of potential challenges in cyber – the monstrous list of things you could spend your time on. And that’s exactly what most people do; they drown in the endless risk register. But the best leaders bring extreme focus.

As Greg McKeown pointed out in Essentialism, “The word ‘priority’ came into the English language in the 1400s. It was singular. It meant the very first or prior thing. It stayed singular for the next five hundred years.” That is until we confused things and bent the meaning. Definitionally and contrary to popular belief, we can’t have priorities. That might hurt our minds, but extreme focus matters when a problem is this gnarly. It’s time we concentrate on one overarching problem.

It’s time we see the priority cyber challenge as one of orchestration.

We’re not talking in-the-weeds Security Orchestration, Automation, and Response (SOAR), but orchestration at the macro level: getting all the cyber-relevant resources in your business ecosystem to harmoniously sync on a common mission and work together. Here, you’ll benefit from a team that’s wonderfully diverse in mindset, skillset, organizational positioning and background. Like a maestro masterfully conducting a symphony, the outcome is only beautiful when the constituent elements (people and instruments) learn how to work together.

When you’re effectively orchestrating security across a business, you’ll experience:

  • Multiple levels of insight: the ability to see and interpret challenges and opportunities from different vantage points (think satellite, helicopter and microscope)
  • Tighter connectivity across internal and external teams: a wide appreciation that cyber health is business health, and that it requires diverse parties working together
  • Self-forming collaborations: since empowered relationships among different teams already exist inside and outside the business, there will be faster and more pinpointed problem identification and resolution
  • Better agility and solution scale: small, targeted teams pull from existing toolkits and blueprints to customize solutions for local problems and then scale them for repeatability

Bringing Orchestration to Life

Cyber leaders conduct the symphony, and use orchestration to affect the change they seek to make. We can no longer afford narrow thinking or micromanagement. The problem is too big and dynamic for that. We need help from others. Instead, it’s about empowering, trusting and guiding.

The networked nature of the cyber challenge requires us to operate through orchestration. Doing it well requires that we look inside and outside the organization to first gain holistic understanding. Then, we can tune the collective people, processes and technology that lead to our desired security outcomes. This is hard, but the approach is important.

For the same reason traditional project management is giving way to agile ways of working, we can’t think of orchestration as a linear or one-time approach in cybersecurity. We can’t set it and forget it. Done well, orchestration becomes a meta-capability in your program that continually enables your portfolio of traditional cyber capabilities (e.g., threat intelligence, risk management, incident response) to do what they’re meant to do.

We desperately need the bigger picture to be effective at lower levels. The continuous nature of doing orchestration across your business ecosystem generally involves the following loop:

  1. Crystalize your strategic aims. Think deeply about the problem you’re trying to solve. Start with clarifying your organization’s “why” for cybersecurity. There is no one-size-fits-all strategy, but there are options to consider, such as: business continuity, brand protection, compliance and business growth. Your specific business context drives your choice. By getting business leaders (board members and C-suite) and cyber leaders aligned on purpose, you can create guiding objectives that flow downward and generate meaningful outcomes. Then, whenever you spot a challenge that clashes with these objectives, it’s time to orchestrate a change. Start with clarifying top-level ambition to ensure cyber truly becomes an enabler of business strategy.
  2. Continually map a fresh view of your business ecosystem.  You need a wide-angle view of your world in order to act within it – the people, data and machinery, tied together with real-world relationships and workflows. We can learn “how to map” from a variety of fields. In System Dynamics, we discover that all parts of a system must participate for that system to carry out its purpose. Furthermore, every part of a system either reinforces or balances another part. Just like you need threat intelligence to fuel you hunting activities (reinforcing processes), you need internal and external stakeholders aligned (balancing processes) on the guiding objectives of your cyber program. Or take Value Network Analysis, where we take value chains a step further and look at the more complicated reality of how people and organizations truly interact to deliver customer value. Knowing your business ecosystem gives you the visual required to affect bigger, more systemic types of change. Note: you’ll want help from business leaders to generate this.
  3. Design and implement a cyber operating model tailored for desired outcomes. Once you’ve clarified a strong “why” and possess an ecosystem map, you can methodically design the governance, roles, responsibilities, capabilities and organizational structure required to deliver the right security outcomes. The Operating Model Canvas is a great guide for doing this. Your intent here is to “overlay” security on top of your real business – the chaotic mess that it is. Having a strong operating model also puts sensors everywhere (internal and external), helping you discover weak points and important opportunities for shoring up how and where capabilities exist across the business. Also, embrace the design process and use it to build relationships with key stakeholders outside the cyber organization – you’ll need them.
  4. Mobilize resources to orchestrate change. As a cyber leader, your job is to set things in motion, not micromanage. Be humble, flexible, accessible and visionary. As you scan your environment, zoom in on the opportunities that need the most attention and get to orchestrating. This involves assembling the right group of relevant parties, wherever they exist, and giving them top-level guidance, setting reporting criteria and acquiring resources as your team needs them. Your job is to enable agile, highly-focused groups that (a) are led by creative and highly collaborative individuals and (b) love swarming problems. This way, you’re giving your teams individual “sandboxes” that they have full control over (similar to the U.S. Joint Special Operations Command’s “team of teams” model). Mobilizing these teams may require “going above” and establishing executive alignment to unlock movement or access to a key resource, but it’s all good, because relationship-building is now your thing as chief cyber orchestrator.
  5. Ensure a cycle of continuous learning. Much like we red team cyber capabilities at the operational level, it’s important to continually gauge where the “blind spots” and “cracks” are across your well-orchestrated ecosystem. Since your business and the cyber risk landscape are both so dynamic, the opportunities for improvement will continually shape-shift. Applying your orchestration capability requires you – as the leader – to let go of full control and let localized work happen where the problems exist. And it’s from these smaller networks that you can tap into important nuances – what the best practices are, where you have allies, relationships that you need to build and so on. You’ll want to have a systematic approach to extract, analyze and adopt lessons learned from out in the field. In tandem, this approach will give you data required to update your ecosystem map so that you always have a fresh view.
  6. Make orchestration an enduring capability. As a leader, your job is to work on the system, not in the system. Orchestration is now your specialty. Today, very few cyber programs have a way to “know the business” and take targeted action within it. Sadly, they operate with generic frameworks. To alleviate that pain, make orchestration an ever-on capability within the cyber program. You’ll need it to stay abreast of how business and technology strategies are changing, which informs your own cybersecurity approach. Surround yourself with creative, highly-collaborative people that see the world from a “systems” viewpoint or have design thinking skills. Leading in cybersecurity has evolved from technical mastery to artful teamwork. Knowing your business ecosystem and being able to orchestrate change within it is the key capability going forward.

Conclusion

Most organizations struggle to visualize the swelling cybersecurity challenge, and they’re unable to adapt accordingly. Cyber-related gaps and "blind spots" are continually surfacing, mostly as a byproduct of the business changing to remain competitive. Without a systematic and thoughtful approach to orchestrating security across the business ecosystem, cyber programs will continue to lack in influence and impact.

To make progress, cyber leaders need to work with key stakeholders to understand and structure efforts that match unique business needs. By institutionalizing certain techniques, cyber programs can methodically and repeatably obtain a “picture” of the business ecosystem to gain situational awareness. And by knowing the interdependencies and flows of how a business works, how external parties fit in and where and what the critical assets are, then leaders have a fighting chance to establish an effective and efficient operating model that brings the right capabilities and binds diverse teams using a “shared mission” mentality.

This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security Magazine. Subscribe here.

KEYWORDS: business continuity cyber security cybersecurity digital transformation

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Matthew doan

Matthew Doan (@MDecoder1) is a cyber and digital strategist at BCG Platinion, where he consults to top companies across the world. He’s also a Cybersecurity Policy Fellow at New America. His passion is for solving problems at the intersection of technology and human dynamics.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Columns
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cyber meeting

    Using Marketing Techniques to Accelerate Cyber Progress

    See More
  • third-party-freepik1170x6.jpg

    Using zero trust to safely power the business ecosystem

    See More
  • workplace-security-freepik

    Powering the office of the future with a security ecosystem

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing