So you’ve successfully implemented End-Point Protection, Vulnerability Assessments, Identity Management, Application Monitoring, Log Management, Event and Incident Management and Compliance Auditing…now what?
You may find yourself overwhelmed with managing and maintaining you’re current Security Service portfolio while attempting to assess new threats to your organization. I’ll provide some tips on how to not only stay afloat, but maximize your return on security investment (ROSI).
1. Keep With Your Core
Have you ever looked around your house while dicing an onion? I have and two stiches and a hospital visit later, I learned a valuable lesson about focus. The minute you take your eye off the ball, the reality you were feverously engulfed in, completely disappears. Like every shinny new MBA grad student will tell you, stay with your core competency if you want to survive and thrive. The same can be true when discussing your Security Service Portfolio. Mastering the service you are providing takes dedication and buy in from you and your organization before you can convince the business to invest in more services from you. (Translation: they are investing in you).
2. Staff Appropriately
Boats don’t sail on their own. You need a crew all rowing in the same direction to make it move. Standing up a new program means that staffing is critical. The activities they will be performing in the next year should translate into what percent of a Full Time Employee (FTE) you will need to succeed. Here I use the SIMA method to estimate the time.
- Support – this will cover break fixes, helpdesk tickets, knowledge base articles and training.
- Innovate – these are your “big swings” that have a have large scope, influence the entire “system” and will pay high returns. For instance, correlating event data across security safeguards to build a security intelligence database (SID).
- Maximize – process optimizations that improve efficiency and therefore, returns on your investment. For instance, automatic incident tickets for unmitigated malware.
- Audit – routine checks on access control and overall system health.
3. Know What To Drop
Like you’re collection of Olympic Wheaties cereal boxes, sometimes you have to let things go. If you are working on a game changing new security innitiatve and don’t have the funds to staff, moving a difference service in maintain mode may be your best bet. Be sure to pick out a mature area with mid- level visibility. Don’t forget the A in SIMA. Plan on scheduling a monthly / quarterly audit to keeps tabs on progress.
4. Have Fun
While Information Security may put you in high pressure situations, make sure you’re having fun. Positive attitude translates into positive outcomes. Adding some levity to the grid will have a positive affect on you and your team.