From the outside, anyone looking at a company like Harley Davidson would say that they are in the business of motorcycles. But if you asked their CEO, he would tell you they are in the business of lifestyles. They get it and that is why they are doing so well these days.
From the outside, anyone looking at a company like nCircle would say that we are in the business of Vulnerability Management and Risk Management. But if you pull back the camera and take a good hard look at how our product functions within a large organization, we are ultimately in the business of intelligence and decision support. It might not be as glamorous as information security or hacking, but ultimately, with the proper observation (information) and the most appropriate orientation (in the proper context), the user (the observer) has everything they need to make decisions and do what is right for the business.
Being a part of a customer's decision-making process comes with great responsibility. This non-zero-sum relationship is built on a foundation of trust and communication. If either fails, non-zero-sum turns into zero-sum and everyone has a bad day (but you already knew that).
Communication requires that the community have a common understanding of the language. There are two pairs of notions that I find frequently abused: Tactical versus Strategic, and the related Mitigation versus Remediation. Any gap in the understanding of these terms will render any decision support objective useless. One person could propose a tactical mitigation plan and another a strategic remediation plan, both of them right, yet they spend the next hour arguing for no reason other than an error in context. This was the case as recently as last week, so it is the topic of my blog post today.
Tactical Context & Strategic Context
When a business owner is confronted with a new obstacle or problem, there exists a temporal trade-off between having to take action today or being able to push it off until tomorrow, and a spatial trade-off between taking action with the resources at hand or building or acquiring new resources for a better plan in the future.
Tactical = response and actions that can be satisfied with the current resources
Strategic = response and actions that require allocation or reallocation of resources
Simple concepts, I know, but not so trivial when all parties do not share this common understanding.
Of all of the possible decisions and actions that can take place given the understanding of an operational risk to the business, the most appropriate one is very sensitive to time. For example, early in the life cycle, tactical mitigation (the workaround) is the primary focus because it is quick and, since it uses resources already known, the target outcome seems more certain to succeed. But as time passes, the more strategic remediation (the fix) will be more appealing since it usually has longer-lasting results and may lower the chances of this event happening in the future.
Decision support is driven by intelligence. No one knows this better than your adversaries and competitors.
I have been screaming for quite some time now that CEOs need to reinvent and transform their security organization into the INTELLIGENCE ORGANIZATION. It is a much higher value proposition and much more accurately describes their role in the organization. Definition 1a says it best:
in·tel·li·gence
Pronunciation: in-'tel-&-j&n(t)s
Function: noun
1 a : the ability to learn or understand or to deal with new or trying situations b : the ability to apply knowledge to manipulate one's environment or to think abstractly as measured by objective criteria (as tests)
2 : mental acuteness —in·tel·li·gent /in-'tel-&-j&nt/ adjective —in·tel·li·gent·ly adverb
Merriam-Webster's Medical Dictionary, © 2002 Merriam-Webster, Inc.
Being at the core of your organization's decision support is critical, and it is not about always being the bearer of bad news but about being the one-stop shop for Operational Intelligence and Situational Awareness.
--tk