Successful business strategy is about actively shaping the game you play, not just playing the game you find. -Adam Brandenburger & Barry Nalebuff When you are first starting out in redefining how you are operating your security program in a customer-centric context, you need to think about a few key concepts familiar to any new […]
What kind of value do YOU bring?
UncategorizedAs the manager of “ME, Incorporated,” you are in the B2B space. Your customer is your employer. If he doesn’t buy your services, you are out of a job. Your employer’s employers are his customers. If they don’t buy his products, he is out of business… And so are you. via The Only Way […]
If your business were a black box machine…
BMoSA well-defined business model should clearly articulate your function in the market, including how you make money, what inputs you depend upon, who your target customers are, and what value you are creating for them. It is a structural representation of how your business functions that concisely articulates what opportunities and challenges you will encounter […]
Threat Monitoring
Inbound LogisiticsWhat is Threat Monitoring? The ongoing collection, analysis, and review of attempted and/or successful compromises at the network, platform, data and process levels. Process Overview The purpose of the Threat Monitoring Process is to standardize and explain the processing activities and steps involved in monitoring threat conditions to organization information assets. Supporting Technologies Network threat […]
Creating the Security Business
IntroductionWhen you are first starting out in redefining how you are operating your security program in a customer-centric context, you need to think about a few key concepts familiar to any new business. What business you are actually in? Do you want to be perceived, and perhaps more importantly, do you want to operate, as […]
Defining Security Strategy
IntroductionWhen developing your security strategy, it is important to recognize the limitations on your team. In this case, choosing what to do is often less important than choosing what NOT to do. This deck is used to drive conversation around the choices we make as security practitioners in what we choose to tackle, and what […]
Language of Risk
IntroductionWhy is “The Language of Risk” so important right now? What are the drivers for Business and Security to speak the same language? The answer is change: massive, fundamental change in both camps. Technology has moved to center stage as a partner in business enablement, and has brought along its associated risks. IT and IT […]
Information Security as a PSF
UncategorizedCan security operations be run as though it were a Professional Services Firm (PSF)? Management guru and firebrand Tom Peters thinks so, and so do I. I first read Tom’s book, “The Professional Services Firm 50″, when it first came out, back in 1999. And I have to say, after spending the first few years […]
Law, Strategy and Competitive Advantage
Competitive AdvantageIn the hunt for sources of competitive advantage, scholars have identified opportunities in most business-related disciplines, including marketing, accounting, human resources, and management. Competitive advantage from cross-functional perspectives such as organizational capital, human capital, and global competition have also received vast amounts of scholarly time and attention. The end result has been a cornucopia of […]
Competitive Advantage Defined
Competitive AdvantageWhat are you choosing to do differently than your rivals in order to create and sustain value for your organization?