The missing link

zerod.ai is a Business Reporter client

An effective cybersecurity solution is only as strong as the team behind it – and its relationship with the rest of the business.

The threat of cybersecurity is fast becoming the biggest danger to organisations, with hackers looking to take advantage of any gaps in security. According to government figures, 39 per cent of businesses identified cybersecurity breaches or attacks in 2021, and 27 per cent of these were attacked at least once a week.

There are various reasons why organisations might fall victim, says Alex Malbon, co-founder and CEO of security-focused productivity platform Zerodai, but it’s vital businesses do all they can to protect their systems and core operations. “Some larger organisations are being attacked every day,” he says. “It’s relentless.” A combination of the explosion of digital transformation projects and the rise of remote working means it’s more important than ever for companies to protect their systems and data.

Yet while many businesses invest in security products and teams, there are other factors at play that prevent organisations from being able to build an effective defence. One is the gap between cybersecurity teams and other parts of the business, which can mean that cyber specialists are only brought in late in the day. “The typical view of cybersecurity teams from other people in the business is that they are a blocker,” points out Malbon. “They think it will slow things down if they talk to them, and that’s when problems can happen.”

Another common issue is inefficiency within the cybersecurity team itself, with many projects having multiple stakeholders who are forced to rely on disparate systems, often owned by IT and unfit for purpose. This can lead to teams developing their own solutions in a piecemeal fashion, with projects managed through a combination of emails and spreadsheets.

“A lot of information is not centralised, and there’s not necessarily the transparency required to go back and see what’s happened,” says Malbon. “These are highly paid and highly skilled people but they’re often spending several hours a day just trying to find the information they need to do their job.” Many people are frustrated and burnt out, he adds, contributing to a growing talent shortage in the sector – 51 percent of organisations currently have a gap in their cyber-skills provision.

Malbon and his co-founder Zubair Ahmed set up Zerodai in late 2019, after leaving their previous businesses. Having worked for a number of global organisations, they realised just how common these issues are and became determined to solve them. The platform is now widely used by medium and large organisations, with customers including Domino’s and Marks & Spencer.

Using the platform delivers many benefits, says Malbon. Automating repetitive tasks can free up time for those working in cybersecurity teams. “The vision we have is to turn people into decision-makers rather than data collectors and to use their skills analysing something rather than spending four hours to get to that point,” he says. “It helps to centralise the work they do so they’re all working in one place and allows them to collaborate.” This also means there’s easy access to historic information, he says, making it simpler to go back and identify what was done and when.

Having more time and a single system to provide more visibility also means cybersecurity teams can build better relationships with the rest of the business. “It means the cybersecurity team will have more time to do what they need to, so they are better equipped to keep pace with the business and enable projects to be completed on time with security baked in, leaving companies more secure,” says Malbon.

Another benefit is the ability to provide CISOs with the information they need to make decisions and avoid feeling that they are “driving blind”. “When a CISO joins a company, they’ll define a strategy for the next five years,” points out Malbon. “But when the work happens in silos and different systems, it’s very hard to validate whether their strategy is working or to budget and forecast effectively.

“Zerodai gives them visibility around what the team is working on, which parts of the business they are supporting and which parts may need some help in forming relationships. It makes it easier for them to answer the million-dollar question of whether they are getting better or worse from a security perspective.”

While many of these issues affect medium-to-large organisations, it’s also important for smaller firms to put in place strong foundations. “Once a company is a certain size, it’s always difficult to go back and fix things,” he says. “If you don’t have good tools and processes in place early on, new people coming in will go off in different directions, and you don’t have that cohesion you need to support the business properly.”

The message is that it’s vital organisations understand the importance of people as a key component of a successful cybersecurity approach, believes Malbon. “A lot of companies talk about technology and features,” he says. “Nobody talks about the people. But people have to be happy in their roles if we’re to avoid worsening the mental health crisis that already exists in the cyber sector. Without happy and healthy staff, it’s almost impossible to have an effective security solution.”

To find out more about how Zerodai can help your business, visit zerod.ai.

Originally published on Business Reporter