The end of the year is coming, and it’s time for security decision-makers to make plans for 2020 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced.
The Definitive2020 Security Plan PPT Template is built to simplify this task, providing security decision-makers with an off-the-shelf tool to clearly and easily present their plans and insights to management.
While many security decision-makers have the tools and expertise to build their case technologically, effectively communicating their conclusions to the organization’s management is a different challenge.
Management doesn’t think in terms of malware, identity compromise, or zero-day exploits, but in terms of monetary loss and gain: Would investment A in a security product reduce the likelihood of cyberattack derived downtime? Would outsourcing a certain security functionality to a service provider optimize the productivity of the in-house team?
If you’re the one accountable for security in your organization, you must be able to provide simple answers to these questions.
A significant part of this relates to the pros and cons of the current security posture. What was achieved in the passing year didn’t happen by chance but was the result of executing a well-defined strategy. Communicating this strategy and its results are paramount to justifying resource reallocation.
As a rule of thumb, the more you are able to approximate your insights into absolute black and white terms, the better. In other words, if you want to make a case for enlarging the budget to enable the purchase and deployment of new security technology, the management-bound argument shouldn’t be its ability to pinpoint malicious behavior more efficiently than the technology currently in place, but it’s ability to prevent the direct and implicit monetary loss your organization suffered from a cyberattack over the past year.
While these two arguments seem identical to the security practitioner, they are tremendously different in their ability to capture the mindset of non-security-savvy management.
The Definitive2020 Security Plan PPT template enables security pros – CISOs, CIOs, security directors, and others – to easily distill their security knowledge and present the insights and conclusions that speak the management language.
The template was built based on feedback from both security stakeholders and management personnel, encompassing the key aspects of presenting an annual plan. Instead of spending valuable time on building their case from scratch, security decision-makers can start from a given infrastructure and focus on filling it in based on their specific needs.
The template consists of three integrated parts:
- Overview of the existing allocation of resources for cybersecurity. This includes implemented technologies in place, the cost of the security team (or of the portion of time IT personnel dedicate to cybersecurity-related tasks), and engagement with 3rd party providers, either on an ongoing basis or per specific event.
- Evaluation of the cybersecurity performance under the existing resource allocations. On the success side, it would include indications of attacks that have been prevented or efficiently contained by the products and the security team, together with analysis of the potential damage that was eliminated. On the challenge side, it would include cyberattacks that have caused tangible damage to the organization due to a lack of sufficient technology or security team capacity.
- Future annual planning that takes the evaluation bottom line and translates it into actionable steps. These may include changes in resource allocation, enlarging the security budget, decisions to add or replace security products, decisions to withdraw from or engage with a security service provider, and any other action that would enhance the security posture to address the gaps that were unveiled in during the evaluation.
As you see, the underlying theme of the template is cost. How much did the organization spend on cybersecurity, how much did this spending pay off in the long run, and how much did the organization lose due to an under fitted security budget.
The 2020 Security Plan PPT template is the ideal tool to engage your management and get their approval for your decisions regarding the best security strategy to implement.
Download the Definitive2020 Security Plan PPT template here.