IDC PlanScape Figure

Executive Summary

Why Is Security Resource Optimization Important?

Improve Security Resource Allocation Methods to Focus on High-Priority Risks

Enable Improved Cost Optimization Analyses, Metric Calculations, and Benchmark Standards of IT Security Costs

Better Communicate the Cost of IT Security Services by Aligning Costs to Their Business Purpose

Properly Evaluate and Optimize the Security Portfolio of Products and Services

What Is Security Resource Optimization?

Cybersecurity Functions Described: The Four Disciplines of Security Management

Identity Management Services

Identity Management Subservices

Identity Management Assets

Vulnerability Management Services

Vulnerability Management Subservices

Vulnerability Management Assets

Trust Management Services

Trust Management Subservices

Trust Management Assets

Threat Management Services

Threat Management Subservices

Trust Management Solutions

Who Are the Key Stakeholders?

CIO and IT Management Team

Business Management Teams

IT Security Management-CISO

IT Department Heads

How Can My Organization Take Advantage of Security Resource Optimization?

Create a RACI Matrix

Collect All Costs for Security Functions

Optimize Using Risk Reduced per Unit Cost

Estimating Risk Reduction

Advice for Technology Buyers

Immediately: Prior to Budget Completion

Next 6 Months: Include in Budget

Over 12-24 Months

Related Research