Stop pretending that you have this castle. I am seeing far too many leaders who think they have a great security plan, architecture and design when they don’t. They are convinced they have a nice solid castle.When their plan looks more like this…
For some reason they think that adding a turret to their defense, some shiny new toy is going to save them. You, the IT Business leader, are being misled when you think this.
The issue is deeper than this. The foundation is weak, and upon a weak foundation you can’t execute with an IT Security plan.
The problem is that there are too many opinions and too much noise. There is not even a clear definition of what is an IT security assessment versus an IT security audit. And when you search for one, all you get are meaningless results that only confuse people.
Fundamentally you want an assessment to give you what?
- You want a roadmap to fix weaknesses.
- You want clarity.
- You want to be able to unravel complexity.
- You don’t want the opinions of your staff, or a consultant, or a hardware/software vendor, or your auditor.
You want a distillation and interpretation: a plan that fixes holes.
What you want is a rollup of all of these into a summary of complete data so decisions can be made with context, and not in isolation.
In today’s day, if you can’t distill your current state into one page then you are wrapped up in complexity and have no other way to present the data.
Even finance has to summarize complex data into reports that business people can understand. You should do this too. Here is an example of a visual summary report that any business person will understand in less than 2 minutes.
IT Security is wide and expansive and your job is to consolidate the information. There is quite a bit of research happening on visualization and the impacts of Big Data Design. Mastering data visualization in order to create a clear plan is the only way to build your castle.
To learn more about IT Security Strategies, Visualization Techniques, Playing better Defense so you can execute on Offense, Leadership and Exponential Technologies, join my newsletter which is called the Exponential Business IT Leader.
Reduce the Ceiling of IT Security Complexity with the CIO Security Scoreboard. Learn more here