Cyber’s ESD Operating Model – Balancing Risk-Reward for the Digital Value Chain

Cyber's ESD Operating Model (Eco Stack Defense) is a balancing act – with real world consequences – played out every day by organizations around the world.

For enterprises with the least effective cyber security results, the ESD Eco Stack is an unknown, unseen and unused operating model. For those with the most effective results, Cyber's ESD is standard operating procedure.

Where do you fit?

Wellington’s ongoing research reveals global population breakouts of 20 percent at the bottom, 68 percent in the middle, and 12 percent at the top, going from least to most cyber effective.

Whether you are in the bottom, in the middle, or at the top, understanding and improving your ESD Eco Stack effectiveness is the same thing as becoming more cyber effective.

Read further to discover what Cyber’s ESD Eco Stack is, why it’s important, and what you should consider doing about it.

Cyber's ESD and Operating Models

The obvious questions are what is an operating model, is it important, and how is ESD as an operating model applicable to Cyber?

Operating models express what is done and by whom in an organization. As such they are like RACI matrices (who is responsible, accountable, consulted and informed) but go beyond this by including the processes and workflows. Two of the operating models are the Cyber Domain Automation (CDA) Operating Model that is used to automate cyber workflows and processes, and ESD that prioritizes and automates the treatment of risks related to the use of digital.

Cyber operating models summarize all the digital methods, tools, processes and resources used to implement, operate and manage all things cyber. Three cyber operating models in concert - Eco Stack Defense, Cyber Domain Automation, and Operational Data Intelligence - summarize an organization’s business and market drivers, policies, risk appetite and treatments, what is delivered to stakeholders and customers, and the strategy and tactics of what is done, where, when, by whom, and the why and how of cyber security operations. That's a mouthful.

Cyber's ESD Operating Model is but one of the three operating models. One operating model is not better than the other, and in truth all three exist simultaneously - to different degrees by level of maturity – in many industrial economies and geographies.

Cyber's ESD - Risk Treatment, Up and Down the Digital Eco Stack

ESD is all about putting risk appetites and treatments into action in the digital business of the enterprise. It is the summation and coordination of risk treatments using a wide variety of controls to mitigate, control and manage digital risk to an acceptable level.

The layers of the ESD Eco Stack running from the South to the North cover from digital infrastructures to all end to end (E2E) business processes for internal operations and those across the organizations value-chain, from customers through supply chains out to raw materials.

The digital infrastructure segment of the ESD stack consists of six layers, three of which overlap with the digitized business segment of the stack. The layers of the digital infrastructure segment include: (a) networking and communications stacks, (b) end point devices and sensors, (c) digital systems and software services, (d) data and information used in business operations, (e) business software applications and services, and (f) digital identity and access software and services.

The digitized business process segment of the ESD stack consists of four layers and it overlaps with two other segments: the digital infrastructure and digitized value chain segments of the stack. The layers of the digitized business process segment consist of the following: (a) data and information that organizations use for business operations, (b) business software applications and services, (c) digital identity and access software and services, and (d) digitalized business functions such as legal, human resources, sales and marketing, customer services, manufacturing, design and production among others.

Figure 1: Cyber's ESD Eco Stack Segments and Layers


Source: Wellington Research, 2018

The digitized value chain segment of the ESD stack consists of three layers and it overlaps with the digitized business processes and digital infrastructure segments of the stack. The layers of the digitized value chain segment consist of the following: (a) digital identity and access software and services, (b) digitized business functions, and (c) end-to-end (E2E) digitized business processes.

Risk Treatments, Up and Down the Stack

The key to understanding Cyber's ESD Operating Model and its value to the enterprise is the core function it performs for cyber, which is the modulation of risk – operating and otherwise – from the use of digitized business processes.

Unfortunately, there is no one right or wrong way to manage risk when it comes to digital. Wellington Research has run into many different types of digital risk management programs, from non-existent to stratified formal approaches that are ignored. Although there is not one correct method, there are basic principles, that when put into effect up and down the ESD Eco Stack layers, yield fruitful results for organizations.

And because the layers of the ESD Eco Stack are responsible for defining and managing risk treatments from the uses of digital across the span from digital infrastructures to the value chain, ESD is one of the three important operating models to improve to become Cyber effective.

Why the ESD Eco Stack Operating Model is Critical

Who cares about models?

Truth be told, models are only as good as they represent the world around us. Us people are generally model builders, trying to understand and represent the reality we perceive around us. Besides being a representation, models also serve another critical purpose: they organize and discipline action to achieve purpose: and it is here that the ESD Eco Stack shines.

The reason why the Cyber's ESD Operating Model Eco shines is that – when done properly - it puts a spotlight on the critical business risks related to the uses of digital, immediately prioritizes these, helps to organize resources allocation accordingly, and aligns the organization to become its most cyber-effective.

Spend, Risk Treatments and Upcoming Research

We are in the middle of research into global spend across the layers of the Eco Stack and are unable to provide market spend breakouts or forecasts, currently. However, when we assemble the findings about global ESD spend and spend allocation we will have more to report.

We fully expect the allocation of spend across the three major segments of ESD and its layers will differ and change over time in response to managed services, outsourced services, new service offerings, and the impact of Cloud subscription consumption and delivery models.

Putting in place effective practices for Cyber's ESD Operating Model is beyond the scope of this Research Note. Principals desiring practical assistance based on years of primary research, consulting and service delivery can call upon us for Eco Stack Cyber Operating Model workshops, Operations and Strategy gap analysis benchmarking, and actionable planning recommendations that will help to improve results from least mature to more mature, and from least effective to more effective for cyber.

We will uncover and analyze the other Cyber operating models – Operational Data Intelligence – in future research.

Meanwhile, reach out to us with your questions and we wish you the all the best to improve the effectiveness of your cyber efforts.

Related Research

Cyber Security Operating Models and Cyber Effectiveness

Cyber’s CDA Operating Model – Both Ends Against the Middle

2018 Cyber Security Spend Report

Finding a Strategic Cyber Security Model

Featured Research

2018 Cyber Security Spend Report

The 2018 Cyber Security Spend Report focuses on global spend today through the coming five years. Did you know that global spend on cyber security is: More than $103 billion today Will exceed $130 billion by or before 2022 Today’s top two spend categories account for almost 50 percent of spend by enterprises today. The

Innovative Digital Business Models

Is your company making money using some of the innovative digital business models of the future, today? If not, it is important to understand what some of the new digital business models are, what they are best used for, who should consider using them, why they are important, and when they should be used. Not