Optimize Security Operations without Overspending

Build up your security operations function to manage security risks more effectively.

Your Challenge

  • Organizations often struggle to manage security risks and meet compliance requirements while being required to minimize the total cost.
  • Enterprises find themselves in the difficult position of keeping up with ever-emerging security threats while speeding up response times in the face of the volume, velocity, and variety of security events.
  • Some organizations struggle to demonstrate the value of security functions to leadership and to ensure that information security goals are aligned not only with overall enterprise-wide business goals, but also with various departmental and functional goals.

Our Advice

Critical Insight

  • Threats evolve every day and are seen as unforeseeable and diverse. Protecting information has become less about technology and more about contributing to the sustainability of your organization as a whole.
  • Make technology work for your people, not the other way around. Strong people and well-defined processes can result in an operationally effective security operations function (SOF). Information security management is also the balance of security, cost, and ease of use.
  • Information security needs to be more strategically positioned beyond the IT function. It is essential that SOF resources and activities are aligned to support the overall business strategy and are helping to create business value.

Impact and Result

  • Maximize your success and credibility by clearly defining your SOF mission, vision, and responsibilities.
  • Create an executable plan by assessing challenges, identifying gaps, and building an implementation roadmap.
  • Continuously improve by establishing a holistic metrics program.

Contributors

  • Gabriel Lourenco, Opensoc
  • Jason Bevis, FireEye Labs
  • Diana Kelley, IBM
  • John Li, More Secure Computing
  • Shephard Mphambela, T-Systems South Africa
  • Maclaud Mafaiti, Sasol LTD
  • Simphiwe Mayisela, IT Security Manager, Sun International
  • Andrew Chester, IT Security Manager & CISO

Get to Action

  1. Define the SOF in the organization

    Identify and understand what really matters to the organization.

  2. Analyze challenges with respect to technology, process, and people

    Analyze explicit and hidden challenges and allocate resources more effectively.

  3. Design the organization's SOF: Technology

    Understand security pressure posture. Understand SOF framework and technical capabilities.

  4. Design the organization's SOF: Process

    Understand process capabilities for low, medium, and high security pressure posture.

  5. Design the organization's SOF: People

    Understand resource capabilities for low, medium, and high security pressure posture.

  6. Make the right decision: to outsource or not to outsource

    Identify the key factors in making the decision, and decide whether to outsource or not.

  7. Implement SOF cost-effectively, step-by-step

    Build the organization's SOF roadmap, business case, and project charter to make the shift, close the gap, and make it happen.

  8. Build the measurement program

    Evaluate the effectiveness of the SOF and continuously improve.

Guided Implementation

This guided implementation is a six-call advisory process.

  • Call #1: Define SOF in your organization

    Benchmark the best practices. Define your SOF by integrating the best practices into your organization’s specific context.

  • Call #2: Identify your challenges

    Do you know what you don’t know? Analyze the explicit and hidden challenges you are facing in terms of technology, process, and people.

  • Call #3: Conduct holistic gap analysis

    Know the gap and then move forward. Create a solid gap analysis report by conducting a holistic security risk assessment (interviewing stakeholders) and establish the solution plan.

  • Call #4: Evaluate and select MSSPs

    Choose the right fit and make your life easier. Create a shortlist of MSSPs, build a proper RFP, and evaluate RFP responses.

  • Call #5: Establish a detailed and actionable project plan

    Build an actionable project plan to get things done more cost-effectively. Document an actionable project plan (month/week/day) based on advice and suggestions from solid project management experiences.

  • Call #6: Establish a holistic measurement framework

    Measure it and improve it. Analyze the specific requirements, build a holistic framework for the measurement program and KPIs, and set up an implementation plan.

Onsite Workshop

Module 1: Define the SOF in your organization: What really matters to you?

The Purpose

Understand the differences between traditional and next-generation SOF. Understand why building an appropriate SOF is important. Understand what the core roles and responsibilities are.

Key Benefits Achieved

Assess what SOF exactly means to your organization. Clearly define SOF mission, vision, and responsibilities.

Activities:
1.1 Introduce different terms.
1.2 Discuss the importance of SOF.
1.3 Discuss core roles and responsibilities.
1.4 Exercise: Define your own SOF.

Outputs:
  • Draft SOF mission, vision, and responsibilities

Module 2: Understand the challenges your organization is facing in terms of building and operating SOF

The Purpose

Understand what other organizations see as challenges when designing and implementing SOF. Gain a comprehensive understanding of your own security event situation in terms of the sources, your current capability, and future volume trends. Understand the major challenges your organization is facing with respect to technology, process, and people.

Key Benefits Achieved

Be able to clearly present your current challenges. Understand whether your current capability is sufficient to deal with security events.

Activities:
2.1 Introduce the common challenges.
2.2 Understand your security events.
2.3 Exercise: Identify your own challenges.

Outputs:
  • Information Security Event Analysis Report
  • Challenge Analysis Report

Module 3: Aligning technology to scale security to threats

The Purpose

Understand the concept of security pressure posture. Assess your own security pressure posture. Understand the content of SOF framework. Identify your actual technical capability requirement.

Key Benefits Achieved

You are able to assess your ongoing security pressure posture using the tool provided. You are able to build the technology section of your own SOF framework.

Activities:
3.1 Introduce security pressure posture.
3.2 Exercise: Assess your security pressure posture.
3.3 Understand SOF framework and technical capabilities.
3.4 Exercise: Design your own technical capabilities.

Outputs:
  • Security Pressure Posture Analysis Report
  • Gap Analysis Report - Technology

Module 4: Aligning process to scale security to threats

The Purpose

Understand process capability for organizations with different security pressure postures. Identify your actual process capability requirement. Assess the gap between your current status and your target.

Key Benefits Achieved

You are able to build the process section of your own SOF framework.

Activities:
4.1 Introduce resource capabilities.
4.2 Exercise: Design your own process capabilities.

Outputs:
  • Gap Analysis Report - Process

Module 5: Aligning resource to scale security to threats

The Purpose

Understand the resource management capabilities for organizations with different security pressure postures. Identify your actual resource management capabilities requirement. Assess the gap between your current status and your target.

Key Benefits Achieved

You are able to build the resource section of your own SOF framework.

Activities:
5.1 Introduce resource capabilities.
5.2 Major roles and responsibilities in SOF.
5.3 Options for staffing and providing services.
5.4 Exercise: Resource management gap analysis.
5.5 Exercise: Consolidate gap analysis.

Outputs:
  • Gap Analysis Report - Resource
  • Gap Analysis Report - Consolidated

Module 6: Make the right decision: To outsource or not to outsource, that is the question

The Purpose

Analyze the potential options and their advantages and disadvantages. Identify the key factors which impact your decision.

Key Benefits Achieved

You are able to identify the key factors for making the decision. You are able to make your own decision on outsourcing or not outsourcing.

Activities:
6.1 Introduce options for implementing your SOF.
6.2 Discuss pros and cons: in-house vs. outsourcing.
6.3 Exercise: Make your own decision.

Outputs:
  • In-House vs. Outsourcing Decision Analysis Report

Module 7: Make the shift, close the gap: Implement your SOF cost-effectively step-by-step

The Purpose

Analyze the key success factors for your organization’s SOF initiatives. Understand what contributes to a good roadmap, business case, and project charter. Identify major considerations for the project plan.

Key Benefits Achieved

You are able to build your own SOF roadmap, business case and project charter.

Activities:
7.1 Analyze key success factors.
7.2 Exercise: Paint the roadmap.
7.3 Exercise: Build a convincing business case.
7.4 Exercise: Establish your project charter.
7.5 Major considerations for the project plan.

Outputs:
  • Drafted SOF roadmap
  • Drafted SOF business case
  • Drafted SOF project charter

Module 8: Build your measurement program

The Purpose

Analyze how security metrics help SOF run more effectively. Understand the metrics framework and critical KPIs. Discuss how to build your own metrics program and KPIs.

Key Benefits Achieved

You are able to establish your own metrics program. You are able to build your KPIs step-by-step.

Activities:
8.1 Discuss the importance of effective metrics.
8.2 Understand security metrics framework.
8.3 Understand security KPIs.
8.4 How to establish metrics program and KPIs.
8.5 Exercise: Build your own metrics program.

Outputs:
  • Drafted security metrics program and KPIs

Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.
