Information Security Silver Bullets

Last Updated on

Reading time: 2 minutes

There I was at an information security expo. Information security silver bullets is a booming business. There are several of these a year in every major metro. They’re day-long, or multi-day events, with dozens of vendors and multiples more attendees. The number of risks, threats, tips, tricks, secret weapons, silver bullets, products, and services represented and featured is overwhelming.

The breadth of offerings is mind-boggling. Some are nearly identical, and some claim to be the one big thing — all you need. In the fine print, most only work with a specific subset of your business, and they conveniently fail to recognize you have both Windows AND Linux systems in operation.

The number and breadth of information security professional certifications is equally amazing, and most require continuing education. Attendance at pitch-fests and vendor sales demos may be counted as continuing education.

On the surface, it seems if we are able to build and assemble a portfolio of these secret weapons and silver bullets, all will be well. To realize the dream, we then must install and configure them correctly, monitor and manage them, upgrade and patch them, build and sustain business processes to do these things, and continue to fund and continuously improve them. Easy, right?

This Is Hard

In reality, businesses buy enterprise solutions like the above with gusto. While budgets still apply, the cost of many of these products and services through modern pricing schemes is actually pretty small and reasonable. The thing is, it’s way easier to license a solution or buy a product than it is to consistently do all the “easy” things in the paragraph above this one. We license the product. Heck, we may even have or hire a bright staff member who knows how to use it and is willing to take on implementation and ownership. We may even double up and pay for some training, or hire the vendor to help install, configure, and transition management to the internal owners — due to budget, time, and staffing constraints, this works better some times than others.

In the end, all the standard constraints apply. Often, the full set of product features is not implemented due to time or staffing constraints. The list of opportunities, features, and business requests is far longer than the team can implement in any given business cycle. Staff will turn over and rarely hands off the program fully to their replacements. Budgets commonly require functional managers to cut cost annually and “do more with less”. Corners are cut — temporarily. Temporary corners become a list of projects to be done over a business lull or holiday “slowdown”, which never comes. Project lists become risks reported to senior managers. Risks become budget requests.

At least we can tell the auditors we have the product installed. Maybe they won’t ask any more questions. If they do, we’ll take an audit finding, then put the work in our budget request for next year.

Hopefully we won’t have a major security incident. Well, if we do, at least we can say we did something beforehand.

Consider And Act

  • What silver bullets have you or your company acquired?
  • If you own a silver bullet, are you realizing all the value you envisioned?
  • What is necessary to increase ROI?
  • If you had to do it all over again, what would you do differently?

Tags: , ,

Last Updated on

Reading time: 2 minutes

Hi, I’m Dylan Cornelius.

I’ve spent my career helping Fortune 500 companies build custom products and change the lives of their employees and customers.

Now I teach people everywhere how to get great results, manage change, and change their lives, with product development, continuous improvement, and agile management practices of the best businesses.

It can work for self development, life problems, your fitness plan, and chronic illness. Of course, it can even help at work.

I was the first son of a new teen mom. By the time I was 2, she was a single mom of 2, living with her parents and working a retail job as a cashier at a pharmacy. She remarried by the time I was 4.

My stepfather adopted me and my brother. He worked in construction 7 days a week to support the family.

Throughout my childhood, I learned firsthand the value of hard work. I was first in my family to do many things, and I’ve often done them the hard way: college on student loans while living on campus at UC Berkeley, an MBA while working full time. Later in life I ran a marathon, then 4 more and counting… I’ve learned multiple definitions of ‘healthy diet plan’, first as I lost 50 pounds, then again after I earned an autoimmune diagnosis.

In graduate school, I concentrated in “Management of Innovation” — after all, I worked in Silicon Valley, and I’d grown up just down the road! It was there I learned we don’t have to work so hard, (but it helps)!

We don’t have to rely on trial and error or hope, or just settle for less than we really want.

There’s a better way to get great results and change your life.

Let me show you how to manage change, get great results, and change your life with product development, continuous improvement, and agile management practices of the best businesses.

Click here and start today with my free, no-obligation, ‘Clear Direction’ planning guide

Get Started with your free 'Clear Direction' Planning Guide.

Get Started with your free 'Clear Direction' Planning Guide.

Last Updated on

Reading time: 2 minutes

See how it can work for you.

Get on the road to great results.

Free support and updates.

Make a comment here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.