Security icon

Develop a Network Security Roadmap to Lower Incident Costs and Increase Efficiency

Save over $100,000 in consulting fees with a streamlined and accelerated process.


This content requires an active subscription.

Access this content by logging in with your Info-Tech Research Group membership or contacting one of our representatives for assistance.

Speak With A Representative Sign In
or Call: 1-888-670-8889 (US) or 1-844-618-3192 (CAN)


Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.

View Storyboard

Solution Set Storyboard thumbnail


Digital Boundaries

Your Challenge

  • IT security and/or network managers are frequently stuck in fire-fighting mode, and are rarely able to dedicate the time to proactive planning.
  • Compliance and well-publicized breaches are providing increased motivation for IT departments to focus on a forward-thinking plan, but they often have the misconception that it requires outside help.
  • Unnecessary costs are often a result for organizations when they continue to not take their own actions or utilize the information that they already possess.

Our Advice

Critical Insight

  • Creating a roadmap does not have to be overly complicated.
  • If you get the right people in the room who will work hard, this project does not need a month to complete – you could finish a roadmap in two days using information your organization already possesses.
  • Consulting firms will just ask you questions you know you should be asking yourself – save the money.

Impact and Result

  • The short-term impact is that the process will prevent a lot of headaches and costs that an organization will experience if they attempt to create a roadmap through a consulting group.
  • The long-term impacts include increased protection against risks, fewer problems with network breaches, less time spent firefighting, and security costs evening out and eventually lowering as issues are proactively addressed.

Research & Tools

1. Conduct current state analysis

Understand risk tolerance levels and discuss organizational reality.

2. Establish an organization’s threat landscape

Recognize the threats that the organization is currently dealing with and what it might deal with in the future.

3. Create a prioritized network security roadmap

Know what the business requirements are before determining what is needed.

4. Obtain support from business

Highlight key messages for stakeholders to understand.

Guided Implementations

This guided implementation is a four call advisory process.

Call #1 - Determine risk tolerance level

Understand how much risk an organization is willing to accept – this is a key influence on where your roadmap will go.

Call #2 - Establish threat landscape

Understand the organization’s current threats and start anticipating future possibilities with the Information Security Event Analysis Tool.

Call #3 - Create an implementation roadmap

Develop a roadmap tailored to an organization’s specific requirements – business and otherwise – with the Network Security Implementation Roadmap Tool.

Call #4 - Secure business buy-in

Establish a strategy and create a plan to obtain support from business.

Onsite Workshop

Discuss This Workshop

Book Your Workshop

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Conduct Current State Analysis

The Purpose

  • Understand risk tolerance levels.
  • Discuss organizational reality.
  • Establish how much risk your organization is willing to accept.

Key Benefits Achieved

  • Determine risk tolerance level.
  • Understand that risk encompasses business and IT.




Establish risk tolerance level (high, moderate, or low).

  • Risk tolerance level

Establish organizational reality.

Module 2: Establish Organization’s Threat Landscape

The Purpose

  • Understand current threat landscape.
  • Predict future threats.
  • Understand value of third-party pen-testing.

Key Benefits Achieved

  • Establishes baseline of how well you’re handling current threats, and forces you to think more into the future and be more anticipatory of threats.




Understand the threat landscape.

  • Information Security Event Analysis Tool

Anticipate future threat landscape.

Module 3: Determine Roadmap Deployment Priorities

The Purpose

  • Determine next steps in the form of a prioritized roadmap – what do we deploy and when?

Key Benefits Achieved

  • Map business requirements to security needs, bridging an important gap in organizations.
  • Create a roadmap with your organization’s needs in mind.




Determine business requirements.

  • Network Security Implementation Roadmap Tool

Establish security priorities.


Document currently deployed security tools.

Module 4: Obtain Business Buy-in

The Purpose

  • It is one thing to create a roadmap, but business ultimately decides whether to pay for any implementations you request.

Key Benefits Achieved

  • Demonstrate that you have taken business needs into consideration and addressed them within your roadmap to achieve stakeholder support.




Understand business needs.


Establish a communication strategy to sell the roadmap to business stakeholders.

  • Communication and Business Justification Deck