IDC PlanScape: Security Resource Optimization

IDC PlanScape Figure

• Figure: IDC PlanScape: Executive Summary of Security Resource Optimization

Executive Summary

Why Is Security Resource Optimization Important?

• Improve Security Resource Allocation Methods to Focus on High-Priority Risks

• Enable Improved Cost Optimization Analyses, Metric Calculations, and Benchmark Standards of IT Security Costs

• Better Communicate the Cost of IT Security Services by Aligning Costs to Their Business Purpose

• Properly Evaluate and Optimize the Security Portfolio of Products and Services

What Is Security Resource Optimization?

• Cybersecurity Functions Described: The Four Disciplines of Security Management

• Identity Management Services

• Identity Management Subservices

• Identity Management Assets

• Vulnerability Management Services

• Vulnerability Management Subservices

• Vulnerability Management Assets

• Trust Management Services

• Trust Management Subservices

• Trust Management Assets

• Threat Management Services

• Threat Management Subservices

• Trust Management Solutions

Who Are the Key Stakeholders?

• CIO and IT Management Team

• Business Management Teams

• IT Security Management-CISO

• IT Department Heads

How Can My Organization Take Advantage of Security Resource Optimization?

• Create a RACI Matrix

• Table: IDC's Cybersecurity RACI Matrix

• Collect All Costs for Security Functions

• Optimize Using Risk Reduced per Unit Cost

• Estimating Risk Reduction

Advice for Technology Buyers

• Immediately: Prior to Budget Completion

• Next 6 Months: Include in Budget

• Over 12-24 Months

Related Research