Posts Tagged ‘operating’

Cyber’s ESD Operating Model – Balancing Risk-Reward for the Digital Value Chain

Thursday, June 28th, 2018

Cyber's ESD Operating Model (Eco Stack Defense) is a balancing act – with real world consequences – played out every day by organizations around the world.

For enterprises with the least effective cyber security results, the ESD Eco Stack is an unknown, unseen and unused operating model. For those with the most effective results, Cyber's ESD is standard operating procedure.

Where do you fit?

Wellington’s ongoing research reveals global population breakouts of 20 percent at the bottom, 68 percent in the middle, and 12 percent at the top, going from least to most cyber effective.

Whether you are in the bottom, in the middle, or at the top, understanding and improving your ESD Eco Stack effectiveness is the same thing as becoming more cyber effective.

Read further to discover what Cyber’s ESD Eco Stack is, why it’s important, and what you should consider doing about it.

(more…)

Cyber Security Operating Models and Cyber Effectiveness

Monday, May 21st, 2018

Cyber Security Operating Models and Cyber Effectiveness.

Operating Models for Cyber Security

An operating model involves all the resources available to an organization to operate: it is used to express how companies deliver value to stakeholders and customers, it beneficiaries, and how organizations are structured to operate day-to-day.

As such, operating models are an expression of the effectiveness and efficiency of the use and allocation of resources to achieve stated aims and objectives.

When it comes to cyber security the common aims and objectives often include:

  • Keeping the name of the CEO and the company out of the limelight for having been 'compromised'
  • Staying ahead of the attacks and vulnerabilities to achieve the above
  • Engaging risk-appropriate controls to accelerate digital transformation projects

These are a few of the common objectives for cyber security.

Others are those normally associated with its measures, such as rates of patches applied, numbers of data loss/compromise events, and number of unresolved cyber event sequences among others.

(more…)