Differentiating People, Process, And Technology Problems: A Guide For CISOs
CIO, Thursday, September 5th, 2024
Finding the root cause of, and solving, security problems requires teasing out whether the issue is tied to people, process, or technology - or whether it's a combination of factors. Having a framework to assess the effectiveness of all three will go a long way toward easing the task.
When it comes to security, knowing you have a problem is only half the battle - if that. Figuring out how to solve the problem efficiently is what really matters.
And to do that, you need to determine the root cause of the problem. Is it a people issue, such as lack of enough security personnel? Is it inefficient processes that hamper communication within security teams? Is it a lack of the right technology for enabling security operations?
For CISOs, answering these questions is rarely easy. Most problems stem from a complex mix of people, process, and technology deficiencies, but pinpointing their sources can be a real challenge.