Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Proof of Concept (PoC) vs. Proof of Value (PoV): What Do They Mean for Your Business?

This is the first of our two-part series on how to use Proof of Concept and Proof of Value processes to evaluate industrial cybersecurity solutions. 

Unlike Proof of Concept (PoC), which proves a concept will work, Proof of Value (PoV) takes a deeper dive into the value of that solution for your organization so you can justify adoption and measure success.

If you’re evaluating new vulnerability management software or adopting a new technology for your organization, Proof of Concept (PoC) is a term you’ve likely heard more than once. 

But what about Proof of Value (PoV)? Are your vendors talking about PoV and what it means for your business? 

PoC and PoV are two distinct processes. Some organizations ask for a PoC when, in fact, they actually want a PoV, or vice versa. As you evaluate cybersecurity solutions for your operational technology (OT) needs, it's worth looking at both PoC and PoV and considering what they actually mean in a real-world scenario.

Here, in part one of our two-part series on PoC vs. PoV, we explore the differences between these two processes. In part two, Navigating an Industrial Cybersecurity Proof of Concept (PoC), we offer tips on how to perform an industrial cybersecurity PoC.

Proof of Concept (PoC) vs. Proof of Value (PoV): What Do They Mean for Your Business?

Proof of Concept (PoC)

Proof of Concept is a process to prove a solution works and there’s a practical application for it.

In terms of software, let’s say a new technology is designed to automate a business critical task for you. You apply that concept to a single work process within your organization. It works. Proof of Concept is good to go.

But PoC by itself may not be enough to determine if a new solution is right for you. It proves something can be done, but there’s no focus on what it can do for you. There’s no emphasis on the value or overall business impact for your company. That’s where Proof of Value comes in. 

Proof of Value (PoV)

Unlike PoC, Proof of Value (PoV) takes a deeper dive into what that solution means for your organization. You can use, for example, a detailed business use case to explore why your organization should adopt the PoC solution.

PoV can help you better understand the anticipated value the solution will bring to your business so you can justify adoption and measure success.

The Differences Between PoC and PoV

Let’s look at the differences from a high level, removing the complexities of industrial cybersecurity and talk in terms of automobiles.

In this example, hypothetically, my company produces unique shelving units for custom delivery vans. We claim our shelving units reduce delivery times and make room for more packages in your vehicle. 

Your company delivers packages and you’re shopping for a new fleet of vans. You’re interested in our shelving units.

First, in a PoC, we could test the concept of using custom shelving in your new vehicles by addressing the following questions: 

  • Does it hold your boxes? 
  • Can you load and unload them easily? 
  • Does the van operate safely? 
  • Does it have airbags, windshield wipers, etc.? 
  • How does the van handle on the roads?
  • Do packages shift in certain types of driving, bumpy roads, etc? 

The PoC may show you that yes, the shelves fit in the new vans and you may get more packages in them.

Now, to measure the value of the custom shelving, we would conduct a PoV. 

We already know the shelving and van work, because of the PoC, but do they improve delivery times and increase efficiency to the point where they reduce your operational costs? That’s a value component to evaluate with PoV.

Without putting a custom van into operation, it’s difficult to measure all of the variables, such as driver fatigue, actual cost of delivery, maintenance costs, weather, etc. 

So, to measure the actual value of the improved delivery van shelves, your company would deploy a few or a few dozen vans and see how they hold up after a certain time period. You’d look to answer the following questions:

  • Did drivers call out sick more often? 
  • Did operational costs on those routes drop as much as anticipated? 
  • Do the vans actually carry more packages in real-world uses?

Do I need a PoC or PoV?

When determining whether you need a PoC or a PoV, start with your overall business objectives, aka your success criteria. 

Your success criteria will help determine what you need to do. If you’re working with theories, testing concepts or working with abstracts, like “what if...”’ scenarios, a PoC is probably the most appropriate route to take because it’s a bit more qualitative. 

If your goal is to prove or measure the value a product provides while in operation, which is quantifiable, then a PoV might be best.

Unsure whether you need a PoC or PoV for your vulnerability management solution? Tenable can help with both a quantitative and qualitative analysis. Not sure where to begin? Start with these five key considerations to help you improve the efficiency and effectiveness of your vulnerability management program: “How to Choose the Right Vulnerability Management Solution.” 

In the second part of the series we take a closer look at Navigating an Industrial Cybersecurity Proof of Concept (POC) including processes, success metrics, pitfalls and best practice recommendations.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Request a demo of Tenable.ot

Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.