1 Reply Latest reply on Feb 9, 2015 9:23 PM by Pete Chargin

    Micheal Allen's Ideas

      Share This:

      1. 1. Asset/inventory management:  Having an up-to date inventory of what you have and where it's located is an essential part many security and operational processes (incident management, patch management, vulnerability management, workflow management etc.).  While this is essential to many processes, many corporations struggle to maintain an effective asset database. How do we tackle this problem?

       

      1. 2. Metrics and measurement: How do you decide what to measure and how often to measure it?  How do you visualize trends and use this information to make important decisions?  How do you highlight areas of risk in a meaningful way tailored to the audience that you're presenting to?  This is a problem that many corporations face today but I'm yet to find an effective model that works for everyone.  I think having a discussion around metrics and measurement would be valuable.

       

      1. 3. Maturity model:  Do different products / systems require a different security baseline?  How do you track and measure progress overtime?  Should products have a target security profile in which they are measured against?  Is the CMM a good one?
        • 1. Re: Micheal Allen's Ideas

          In addition to your thoughts on the maturity model, Michael, I think we should work on the maturity model for companies. 

          3a. Maturity model for organizations. When trying to improve security through a SecOps lens, how should an organization assess their current state?  What are the stages that a company can go through? How do you move up the maturity curve?  What are the benefits that are achieved by groups at a higher level of maturity and what are the costs?  What are the best practices that are associated with each stage?  What are the characteristics and the skill sets of the people in each stage?