Get Instant Access
to This Blueprint

Security icon

Exploit Disruptive Security Trends for 2015

Don’t become a security headline due to something you didn’t know existed.

  • Security leaders must proactively monitor and evaluate major IT trends, the threat landscape, and the security market to identify input for strategic business initiatives and to become trusted advisors to the board.
  • Security leaders are short on resources to fight existing fires, let alone to allocate resources to develop forward-looking insights into what may happen to their organization.
  • They will need to be able to present a strong security perspective on the latest security trends if they are to be taken seriously and earn a seat at the C-suite table.

Note: View our 2016 disruptive security trends report here.

Our Advice

Critical Insight

Don’t be caught unaware about something that you didn’t know existed.

  • Security is not included. For almost any new disruptive technology being presented to the market, security is not included or supported by the manufacturer or seller.
  • Don’t be the Death Star. Not only do security threats change and evolve, vulnerabilities can appear overnight and can be just as harmful.
  • Security has left the building. Security is moving more into the hands of the experts and out of individual organizational control.

Impact and Result

  • Proactively evaluating the security impact of major disruptive technology trends, threat landscape developments, and security market trends can provide a highly security-intelligent, managed risk approach to security spend.
  • The CISO or security team can leverage this forward-looking understanding to influence business strategy decision making in order to realize more overall security value.
  • You will have a well-defined and understood approach for monitoring and evaluating major IT security trends and opportunities.
  • There will be enablement of the CISO or security leader to be prepared for eventual conversations and requests from business units and the CEO so that they may turn ad hoc security into a long term proactive program that will no longer impede business changes.

Exploit Disruptive Security Trends for 2015 Research & Tools

1. Make the case for looking forward, as well as proactively planning for disruptive security trends

Prepare for the likelihood of market or technology disruptions.

Storyboard: Exploit Disruptive Security Trends for 2015
Disruptive Security Trends 2015 Business Informational Deck
Disruptive Security Trends 2015 IT Informational Deck

2. Assess disruptive security trends’ relevance to the organization through stakeholder assessments

Adapt the organization to prepare for disruptive security trends.

Business Disruptive Security Trends Survey
IT Disruptive Security Trends Survey
Disruptive Security Trends 2015 Relevance Tool

3. Assess current security maturity and capability levels

Assess the organization’s risk profile to better understand the relevance of certain trends.

Disruptive Security Trends 2015 Requirements Tool

4. Identify and prioritize actionable disruptive security opportunities

Identify which disruptive technology trends are relevant to the organization and develop methods to take advantage of them.

5. Create an action-orientated communication plan to gain stakeholder buy-in

Develop a communication plan to strategically address these trends, threats, and tactics.

Disruptive Security Trends 2015 Results Deck

Workshop: Exploit Disruptive Security Trends for 2015

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: What should I be aware of?

The Purpose

  • Make the case on why you should not only be looking forward, but also proactively planning for disruptive security trends.
  • Assess disruptive security trends’ relevance to your organization through stakeholder assessments.

Key Benefits Achieved

  • Identified specific project goals.
  • Determined trend relevance from educated stakeholders.

Activities

Outputs

1.1

Present disruptive technology trend to business stakeholders.

  • Relevance of the technology trends to the business, as viewed by the business stakeholders.
1.2

Collect their input via a survey.

1.3

Present disruptive security trends (including technology trends, threats, and mitigation tactics) to all IT staff.

  • Relevance of all the security trends, as viewed by the IT and IT security staff.
1.4

Collect their input via a survey.

Module 2: What is relevant to me?

The Purpose

  • Assess current security maturity and capability levels.
  • Identify and prioritize actionable disruptive security opportunities based on trend relevance and company risk profile.
  • Determine security actions specific to each trend.

Key Benefits Achieved

  • Evaluated current security controls and determined future requirements.
  • Prioritized trend-specific actions.

Activities

Outputs

2.1

Assess your risk profile.

  • Risk profile and security assessment of your organization’s controls.
2.2

Assess current security control capabilities and maturity levels.

  • Prioritization of the security trends, along with specific actions for your organization.
2.3

Prioritize trends, threats, and tactics to properly allocate your time and develop specific actions.

Module 3: How do I communicate this?

The Purpose

  • Create an action-oriented communication plan to gain stakeholder buy-in.

Key Benefits Achieved

  • Customized communication plan.
  • Gained stakeholder buy-in.

Activities

Outputs

3.1

Identify goals and objectives for your communication plan.

  • Identified goals and objectives.
3.2

Determine who your stakeholders are and what they need to know.

  • Identified stakeholders and the pertinent information to each audience group.
3.3

Evaluate your communication methods.

  • Set communication plan to raise awareness and gain buy in from your stakeholders.
3.4

Communicate the security issues with your stakeholders.

Unlock This Blueprint
Exploit Disruptive Security Trends for 2015 visualization

Don’t become a security headline due to something you didn’t know existed.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Need Extra Help?
Speak With An Analyst

Get the help you need in this 3-phase advisory process. You'll receive 7 touchpoints with our researchers, all included in your membership.

Guided Implementation 1: What to be aware of
  • Call 1: Discuss project priority and develop goals and benefits.
  • Call 2: Discuss disruptive security trends and respective insights, as well as how best to communicate them.

Guided Implementation 2: What is relevant
  • Call 1: Discuss your current security maturity and capability levels.
  • Call 2: Discuss disruptive security trends’ relevance and prioritization.
  • Call 3: Identify internal resources and how to translate security requirements into specific actions.

Guided Implementation 3: How to communicate this
  • Call 1: Develop your communication plan by setting your goals, determining audiences, and customizing content.
  • Call 2: Execute your communication plan in order to receive stakeholder buy-in and gain resource allocation.

Authors

Wesley McPherson

Filipe De Souza

Contributors

  • Adrien de Beaupre, Certified Instructor, SANS Institute
  • Clay Wilson, VP, Global Security Operations, Foresite
  • Jason LeDuc, VP, Consulting Services, Foresite
  • Atif Ghauri, Chief Technology Officer, Herjavec Group
  • Chester Wisniewski, Senior Security Advisor, Sophos
  • Curtis KS Levinson, United States Cyber Defense Advisor to NATO, North Atlantic Treaty Organization
  • Gwen Beauchmin, Director Canadian Cyber Incident Response Centre, Public Safety Canada
  • Jason Bevis, Global Director of Deployment and Integration, Mandiant division of FireEye, Inc.
  • John Lamboy, CIO/Chief Information Security Officer, eKohs
  • Jon Miller, VP, Strategy, Cylance
  • Ken Piddington, Chief Information Officer and Executive Advisor, MRE Consulting
  • Krag Brotby, Principal, Brotby & Associates
  • Michael Brozzetti, Principal, Boundless LLC
  • Michel Fossé, Consulting Services Manager, Information Security/IT Governance, Risk & Compliance, IBM Canada (LGS)
  • Peter Davis, Principal, Peter Davis & Associates
  • Rafael Etges, Executive Advisor – Cyber Security, Strata Advisory Group
  • Rob Marano, Co-Founder, The Hackerati, Inc.
  • Robert Hawk, Secure Network Designer/Risk and Security Assessment SME, BC Hydro
  • Scott Harrell, VP, Product Management, Cisco Systems
  • Stephan Jou, Chief Technology Officer, Interset (formerly FileTrek)
  • Steve Woodward, CEO, Cloud Perspectives
  • Alex Tosheff, CISO, VMware
  • Brian O’Higgins, Executive Fellow, Mistral Venture Partners

Related Content: Security Strategy & Budgeting

Visit our IT Cost Optimization Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019
© Info-Tech Research Group | Terms of Use | Privacy Policy