7. Spend & security effectiveness mismatch
Other
20%
80% OF THE SPEND
IS 30% EFFECTIVE AT
80% SECURING THE
BUSINESS.
Firewalls
, IDS,
Endpoint
Security
Redirect our investments to be: Data Centric & Risk Based 7
9. Step 1: Evaluation
Do you know
your breakdown?
Do you know
your return on
investment?
How do we increase
“Security Personnel”
with Zero Investment?
Evaluate commodity spending 9
11. Step 3: Execute
People, Process, Technology applied to Security
People Process Technology Outcome
+ + = Success
+ + = Poor Adoption
+ + = Inconsistent Operation
+ + = Burden to Scale
+ + = Shelf-ware
+ + = Wasted Effort
+ + = No ability to execute
+ + = No Defenses
Most of the time current Technology's lead back to infrastructure centric models.
12. Step 4: Moving to Intelligence
From Security Operations To Security Intelligence
Wisdom
Value
Knowledge
Information =
Data
The Relative Value of Information