Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Process-Led Deployment: How to Maximize Your Cyber Technology Investments

Taking a process-led approach to your cyber technology deployments is critical to your organization’s ability to reduce risk. Too often, organizations focus on solution features and not on driving the appropriate security outcomes.

When making an investment in a cybersecurity solution, or really any IT solution for that matter, you are looking for just that – a solution to a problem. Too often we get hung up on this feature or that function. The reality is you have a business problem and are looking for a solution to solve said business problem.

Successfully deploying the solution is as critical as selecting the right solution to address your problem. Oftentimes, software solutions are deployed using a technology-led approach. A technology-led approach to deployment typically jumps right into installation (on premises) or configuration (SaaS) for the technology of choice. This is a natural approach for technologists, as it gets them to their new set of features or functions most quickly.

The Standish Group Chaos Report finds only 29% of IT project implementations are successful, and 19% are considered failures. A technology-led approach to deployment oftentimes can significantly reduce the value realized from the investment in the technology solution. Most technology investments result in the transition from a current state to a new state. Your current state can be very manual, a homegrown solution, or an off-the-shelf application you are looking to upgrade. These processes have likely been tuned and optimized to support your current technology stack.

Why process matters

All technologies are different. Even if your new solution is delivering similar capabilities to your current technology stack, there are likely differences in how they go about delivering those capabilities. Usually, there are also new capabilities you would like to deploy. These new capabilities might not even be considered in your current processes.

Cyber Exposure is an emerging discipline focused on managing and measuring your modern attack surface to accurately understand and reduce your cyber risk. The discipline of Cyber Exposure requires us to look at this critical business problem and the supporting solutions through a different lens. Cyber Exposure is fundamentally changing core security processes by providing a broader coverage of assets while providing rich information necessary to prioritize where resources should be focused. Process transformation is critical in order to fully achieve this goal.

The value of a process-led approach

A process-led approach to deployment starts with a discussion about business and security objectives and the supporting processes necessary to achieve those objectives. Tenable Professional Services is defining a point of view regarding the common cybersecurity processes our solutions enable. These processes include asset discovery, vulnerability management, and configuration management. Early in the deployment process, we have a discussion with clients about these key processes. The objective is to arrive at a process definition that achieves the client’s business and security objectives while fully utilizing the capabilities of the technology. These process points of view provide a framework for facilitating this discussion. The result is a process-led versus technology-led approach to deployment.

The best advice I can give someone deploying a new technology is to first clarify your business and security objectives. These objectives should serve as a North Star for decision making. Take the opportunity to review your processes and procedures in the context of the new solution. Seek to understand the full breadth of capabilities of your new solution. Adjust your processes to maximize these capabilities. Only then are you ready to install and / or configure the technology. This will give you the best opportunity to maximize the realized value of your investment.

Learn More:

Learn more about Tenable.io, the first Cyber Exposure platform for holistic management of your modern attack surface. Get a free 60-day trial of Tenable.io Vulnerability Management.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs
Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security