While writing my Real Words or Buzzwords? article series, I realized that it’s not just the security technology industry progress that suffers (manufacturers and service providers) – the risk mitigation programs of security practitioners suffer as well.
How Planning Falls Short
One of the most significant issues with buzzwords is that they create a misalignment in the thinking of the parties who collaborate on risk mitigation measures. Additionally, the lack of clarity on Buzzword meanings obscures the relevance of applicable technology capabilities. The result is security technology planning and design that needlessly fail to adequately address security needs. That happens because the parties aren’t able to fully consider the innovative features and technical capabilities that act as force multipliers for security, and also provide actionable business intelligence for certain business functions. Traditional technology strategic planning – if performed at all – falls short of providing the value that could be achieved. This is a bigger issue than is generally known.
What’s more, today’s data-aware companies understand how to turn data streams into actionable insights in the various functional areas. Today’s physical security technologies can now provide such capabilities – as retail companies have already known and have been leveraging for over over five years. But that thinking generally hasn’t arrived in most corporate security functions, and thus they don’t seek out the security and business value that such capabilities can provide.
Effective Technology Strategic Planning
Currently many large companies spend an inordinate amount maintaining legacy technology deployments. Traditional thinking proposes rip and replace projects that would lower maintenance costs, but the millions of dollars invested all over again in newer but similar technology wouldn’t materially advance security or business capabilities. This is why a current-day security technology strategic investment strategy is critically important from both security-effectiveness and cost-effectiveness perspectives. It enables selective technology upgrading that favors capability and value over newness, making the most of existing investments while transitioning cost-feasibly into advanced security operations and data capabilities.
What Does It Take?
There is definite preparation required for this kind of strategic planning, to be able to move beyond the decades-old legacy security system functionality and achieve the advanced organization-specific security and business benefits that organizations deserve for their security technology investments.
RBCS and D6 Research have identified four key steps that organizations should be taking BEFORE developing requirements, meeting with vendors, or considering any specific system. Organizations should be looking more toward a platform approach that is capable of today’s requirements but is agile enough to handle evolving threats and security practices that are expected to evolve and mature.
In a free 25-minute phone call, you can explore how security technology strategic investment planning would work for you.