Technology that detects. People that defend. Common Issues Facing Security Teams Demonstrating meaningful, ongoing, business risk reduction The threat landscape is in constant motion. The threat actors and their favorite techniques are evolving. Your organization is changing, both in terms of its infrastructure, the tools it is using, and its business strategy. As such, it is more important than ever to understand how threats can affect day-to-day operations and how to relay that information to business leaders. Ensuring access to skills and experience There is a massive skills shortage in cyber security; which makes hiring and retention an issue. You can’t overload your team with menial tasks. If you are giving your team dull and repetitive work because you don’t have the right tools in place, you’ll lose them to more interesting, better paying opportunities. www.baesystems.com/cyberreveal The challenge is getting the right-sized team appropriately tasked – not overloaded, but doing meaningful, interesting work. Demonstrating and maximizing ROI on security investments There is no shortage of security devices out there. They can supply you with a lot of information but relating that into actions to take can be difficult. You might have put in an email security device, but unless you are measuring what malware is hitting your company and see a corresponding reduction in alerts, then how do you measure its success? Demonstrating ROI on managed services, one of your larger expense areas, is difficult if your reporting doesn’t support it. Having business relevant reporting is key to bridging the gap between security and business metrics. So, how do you solve these problems? This is driven by the kind of security team you are. Technology that detects. People that defend. Complicating Factors for Security Teams Security needs to become more strategic, relevant and integrated into decision making. However, businesses still struggle with how to view cyber threats not simply as technical, but as critical risks. Is this the fault of the business or the security teams? You are also comfortable in assessing and implementing security technologies to protect the business. It also makes the process easier to educate, advise and influence activities with cyber risk implications. Driven by business risk and delivering business value How do you change the conversation from your problems to solve to the organizations problems to solve? How do you become business relevant? Security teams who are able to step beyond a tactical, The ability to have a shared technical level are more likely perspective is critical. to gain credibility and support Security teams need to express among leaders across the themselves in business terms business. Having the ability and metrics in order to become to communicate in terms a strategic player across of business risk allows the enterprise. increasing relevance and Across the board there are two support from stakeholders including the board. types of security functions: Creating a strategic framework Driven by technology of security, risk awareness Most security teams tackle and cyber risk resilience issues piecemeal as they delivers a common language deploy and employ point for business unit leaders solutions for point problems, and security teams. This while reporting on the encourages business and cyber effectiveness of the security security alignment and allows architecture. You may be great for faster innovation. at understanding the threat landscape and managing the effectiveness of your program. Leaders within your business are wrestling with their own priorities related to new products and markets, mergers and acquisitions. They are not immediately or obviously related to technology or security, but they have important cyber risk implications. A main objective for the security team when interacting with key stakeholders should be to become a trusted advisor who proactively helps illuminate these issues. www.baesystems.com/cyberreveal