Can you see the bigger picture?

By Eric Noonan • February 26, 2013

Day 1 at RSA wrapped up yesterday evening when the vendor expo opened and conference attendees had an opportunity to visit vendors and check out the latest and greatest products. The vendors are primarily products vendors which reminded me how important it is for a CISO to have a services partner to help cut through the FUD and deliver value.

CISO’s are inundated with point solutions, some of them excellent, but many of them duplicative of existing investments. I’ve found that in selecting products the process/project often ends with “100% deployment” leaving security organizations unable to measure the return on their investment. A simplified view of the process goes something like this:

  • Identify a need
  • Hold a “bake-off” and select a product
  • Set deployment objectives (entire enterprise, all Windows desktops, etc…)
  • Achieve deployment objectives
  • Declare victory with reports showing deployment saturation metrics

It’s a missed opportunity for security to instead align with the business and demonstrate quantifiable value by defining the project in the context of the business problem that is being solved. Security organizations can get myopic in viewing risk and laser-focused on point solutions that address specific security requirements missing the opportunity to tell the story of the business issue they are addressing as a part of the bigger picture.

100% deployment isn’t the goal, that’s just your day job.  Enabling the business to engage customers, capture sales and recognize revenue is the goal. When you are in the trenches every day it’s difficult, sometimes impossible, to address the bigger picture but in my experience, the organizations that do are the most effective.

CyberSheath Blog

How to Safeguard Your Company from Phishing

Email is so ubiquitous in our everyday lives that it can be a challenge to always be on guard when receiving messages. Each day it’s not unheard of for each member of your team to have hundreds of messages land in their inbox. How do you make sure that none…

3 Tools to Help Defend Your IT Infrastructure from Threats

With the continually evolving threat landscape and the prevalence of team members working from home, it is more important than ever to be proactive with how your company is protecting itself from cyberattacks.  CyberSheath can help. We offer services to build on all the great work you have already done…

DNS Filtering for Additional Protection of IT Systems

Phase one of securing your IT infrastructure should include protecting your endpoints and safeguarding your employees from phishing attempts. After you have implemented these controls, the next logical step is to launch a DNS filtering solution.   What is DNS filtering and why do you need it? Domain name server…

Our Trusted Partners

Tenable Microsoft Siemplify KnowBe4 ConnectWise DUO