At ZecurityAscent, one of the key metrics we measure with each engagement is how much wealth was created. And by wealth, we mean discretionary free time, from the executives to the individual contributors. And we do this because this metric is what makes achieving and exceeding both personal and professional goals a reality.
By leveraging the exponential power of the cloud to reduce the time spent doing things that are often duplicative, mind-numbing, or otherwise a waste of time, opportunities open up. And then we measure that with governance risk and compliance software (GRC), showcasing the program’s success. Sorry if that sounds a bit like a sales pitch (it’s really not intended to be). We just needed to get straight to the point of how we attacked this great challenge.
And How Does This Help Me Achieve My Goals?
For every business objective, it’s not hard to find multiple personal objectives and goals at every level. Just ask the right questions, and the answers come flowing out. Personal goals such as “I want to be a CISSP by next year” or “I want to be doing something other than cleaning up security messes” are quite common. And both can be addressed with great success, simply by freeing up some precious time.
The challenge for the majority is that the organization is on the back side of the curve, reacting to security incidents after the fact rather than increasing capabilities to detect and respond in real time. That’s not where our greatest position of power lies. We don’t want to be fighting our security battles with tactics from yesteryear, not when everyone can clearly see they are failing.
What we want and need is to be fast, agile, ahead of our adversaries, and as efficient as elite special forces in completing a mission. And of course we need the right tools to help us win.
It’s Your Wealth, So How Does It Help You Achieve Your Goals?
Faced with so many failures in IT security these days, our hope is that everyone will take time to reflect. Is what has been architected as on-premises security doing the job? Probably not. Is it talking away precious free time, consuming resources in a wasteful way? Yes, most likely. Would that wasted time be better in my hands and my thoughtful creativity than in the time drain of legacy models that are losing their value each and every day? Again, most likely.
As information security practitioners, we must focus aggressively on not spending time on things that don’t matter. Doing so will open up those opportunities that will create the wealth (discretionary free time) we need. That’s how we will all succeed. And with it, it’s how our businesses will remain competitive.