Trial lock

This Research is for Members Only

Not a member? Unlock a free sample of our research now!

Already a member?

Sign in now

Security icon

Identify Opportunities to Mature the Security Architecture

Security architecture does not have to be a shot in the dark.

Unlock a Free Sample

View Storyboard

Solution Set Storyboard Thumbnail

Contributors

  • Todd Felton, Security Architect, OCLC
  • Darwin Ammala, Information Security Manager, Comprehensive Health Services Inc.

Your Challenge

  • Organizations do not have a solid grasp on the complexity of their infrastructure and are unaware of the overall risk to their infrastructure posed by inadequate security.
  • Organizations do not understand how to properly create and deliver value propositions of technical security solutions.

Our Advice

Critical Insight

  • The security architecture is a living, breathing thing based on the risk profile of your organization.
  • Compliance and risk mitigation create an intertwined relationship between the business and your security architecture. The security architecture roadmap must be regularly assessed and continuously maintained to ensure security controls align with organizational objectives.

Impact and Result

  • A right-sized security architecture can be created by assessing the complexity of the IT department, the operations currently underway for security, and the perceived value of a security architecture within the organization. This will bring about a deeper understanding of the organizational infrastructure.
  • Developing a security architecture should also result in a list of opportunities (i.e. initiatives) that an organization can integrate into a roadmap. These initiatives will seek to improve security operations and strengthen the IT department’s understanding of security’s role within the organization.
  • A better understanding of the infrastructure will help to save time on determining the correct technologies required from vendors and therefore cut down on the amount of vendor noise.
  • Creating a defensible roadmap will assist with justifying future security spend.

Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should develop a right-sized security architecture, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

1. Identify the organization’s ideal security architecture

Complete three unique assessments to define the ideal security architecture maturity for your organization.

2. Create a security program roadmap

Use the results of the assessments from Phase 1 of this research to create a roadmap for improving the security program.

Guided Implementations

This guided implementation is an eight call advisory process.

Guided Implementation #1 - Identify the organization’s ideal security architecture

Call #1 - Get an overview of the project
Call #2 - Review the IT Complexity Assessment
Call #3 - Walk through the Operational Assessment
Call #4 - Review the Operational Assessment
Call #5 - Review the Security Architecture Value Assessment
Call #6 - Review the assessment results

Guided Implementation #2 - Create a security program roadmap

Call #1 - Review the identified opportunities
Call #2 - Review the three-year roadmap