Our systems detected an issue with your IP. If you think this is an error please submit your concerns via our contact form.

Security icon

Build a Service-Based Security Resourcing Plan

Every security program is unique; resourcing allocations should reflect this.

  • IT and security leaders across all industries must determine what and how many resources are needed to support the information security program.
  • Estimating current usage and future demand for security resources can be a difficult and time-consuming exercise.

Our Advice

Critical Insight

Not all security programs need to be the same. A service-aligned security resourcing strategy will put organizations in the best position to respond to current and future service demands and address business needs as they evolve over time.

Impact and Result

  • Info-Tech’s approach to resource planning focuses less on benchmarks and more on estimating actual demand for security services to ensure that there are enough resources to deliver them.
  • A well-designed security services portfolio is the first step towards determining resourcing needs.
  • When planning resource allocations, plan for both mandatory and discretionary demand to optimize utilization.

Build a Service-Based Security Resourcing Plan Research & Tools

1. Build a Service-Based Security Resourcing Plan – A blueprint to help you define security roles, build a service portfolio, estimate demand, and determine resourcing needs.

This storyboard will help you to determine your security resourcing needs using a service-based approach.

In this project you will assign security service ownership to your team and determine demand and resourcing needs of those services.

2. Security Resources Planning Workbook – This tool will result in a defined security service portfolio and a three-year resourcing plan.

Use this tool to build your security service portfolio and to determine resourcing needs to meet your service demand.


Member Testimonials

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.

9.3/10


Overall Impact

$53,710


Average $ Saved

20


Average Days Saved

Client

Experience

Impact

$ Saved

Days Saved

Maxion Wheels

Guided Implementation

8/10

N/A

N/A

We are in the middle of working, not finalized.

GENESIS CANCER CARE UK LIMITED

Guided Implementation

10/10

$85,500

20

Excellent experience for Justin to work with Jon on this project, great output too. Thank you.

Utah Transit Authority

Guided Implementation

10/10

$21,920

20

The guidance received from Isabelle Hertanto helped to guide us to see everywhere we were falling short and just how many resources we were short t... Read More


Every security program is unique; resourcing allocations should reflect this.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

MEMBER RATING

9.3/10
Overall Impact

$53,710
Average $ Saved

20
Average Days Saved

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.

Read what our members are saying

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Need Extra Help?
Speak With An Analyst

Get the help you need in this 3-phase advisory process. You'll receive 5 touchpoints with our researchers, all included in your membership.

Guided Implementation 1: Determine Security Service Portfolio Offerings
  • Call 1: Scope requirements, objectives, and your specific drivers.

Guided Implementation 2: Plan for Mandatory Versus Discretionary Demand
  • Call 1: Discuss roles and duties.
  • Call 2: Build service portfolio and assign ownership.

Guided Implementation 3: Build Your Resourcing Plan
  • Call 1: Estimate required service hours.
  • Call 2: Review service demand and plan for future state.

Authors

Logan Rohde

Isabelle Hertanto

Contributors

  • George Al-Koura, CISO, Ruby Life
  • Brian Barniner, Head of Decision Science and Analytics, ValueBridge Advisors
  • Tracy Dallaire, CISO / Director of Information Security, McMaster University
  • Ricardo Johnson, Chief Information Security Officer, Citrix
  • Ryan Rodriguez, Senior Manager, Cyber Threat Management, EY
  • Paul Townley, VP Information Security and Personal Technology, Owens Corning
  • 13 Anonymous contributors
Visit our IT Crisis Response Resource Center
Over 100 analysts waiting to take your call right now: +1 (703) 340 1171