Build a Service-Based Security Resourcing Plan

Every security program is unique; resourcing allocations should reflect this.

Onsite Workshop

Security leaders know that every organization is unique and will need different security resource allocations.

  • But all too often, they lean on staffing benchmarks to justify their requests for resources.
  • While staffing benchmarks are useful for quick peer-to-peer validation and decision making, they tend to reduce security programs down to a set of averages, which can be misleading when used out of context.

A service-aligned security resourcing strategy will put your organization in the best position to:

  • Respond to current and future service demands.
  • Address business needs as they evolve over time.

Module 1: Define Roles and Select Services

The Purpose

  • Identify the roles needed to implement and deliver your organization’s security services.

Key Benefits Achieved

  • A security services portfolio allows you to assign job roles to each service, which is the first step towards determining resourcing needs. Improve employee engagement and satisfaction with clearly defined job roles, responsibilities, and service levels.

Activities: Outputs:
1.1 Assess security needs and business pressures.
  • Security Roles Definition
1.2 Define security job roles.
1.3 Define security services and assign ownership.
  • Security Services Portfolio

Module 2: Estimate Current and Future Demand

The Purpose

  • Estimate the actual demand for security resources and determine how to allocate resources accordingly.

Key Benefits Achieved

  • Allocate resources more effectively across your Security and Risk teams.
  • Raise the profile of your security team by aligning security service offerings with the demands of the business.

Activities: Outputs:
2.1 Estimate current and future demand.
  • Demand Estimates
2.2 Review demand summary.
2.3 Allocate resources where they are needed the most.
  • Resourcing Plan

Module 3: Identify Required Skills

The Purpose

When defining roles, consider the competencies needed to deliver your security services. Make sure to account for this need in your resource planning.

Key Benefits Achieved

Leverage the NCWF to establish the building blocks of a capable and ready cybersecurity workforce to effectively identify, recruit, develop and maintain cybersecurity talent.

Activities: Outputs:
3.1 Identify skills needed for planned initiatives.
  • Prioritized Skill Requirements and Associated Roles
3.2 Prioritize your skill requirements.
3.3 Assign work roles to the needs of your target environment.
3.4 Discuss the NICE cybersecurity workforce framework.
3.5 Develop technical skill requirements for current and future work roles.

Module 4: Future Planning

The Purpose

Create a development plan to train and upskill your employees to address current and future service requirements.

Key Benefits Achieved

  • Skill needs are based on the strategic requirements of a business-aligned security program.

Activities: Outputs:
4.1 Continue developing technical skill requirements for current and future work roles.
  • Role-Based Skills Gaps
4.2 Conduct current workforce skills assessment.
4.3 Develop a plan to acquire skills.
  • Workforce Development Plan
4.4 Discuss training and certification opportunities for staff.
4.5 Discuss next steps for closing the skills gap.
4.6 Debrief.

Workshop icon Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Book a Workshop View Blueprint
Visit our IT Cost Optimization Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019
GET HELP
Contact Us