7 Ways IT Integrators Can Help Security Leaders Effectively Manage Enterprise Operations

By Heather Zindel, CEO, Bloom Consulting Group

Today’s enterprise security leaders face unique challenges that require a tailored approach to operations in the current business climate, including the need for a strong ROI, consolidated operations, and thoughtful investment in new technology. To achieve the necessary levels of business security and effective operations management, IT integrators must work side-by-side with these security leaders and implement the following best practices throughout the process.

Understand The Client’s Perspective On Enterprise Risk

The role of the IT integrator is to take a non-proprietary technology approach to the development of the best solution for their client. Their primary objective is to understand the goals of the project along with the customer’s vision and timeline to accomplish it through design and implementation of technology.  However, to be successful helping security and risk executives manage their enterprise operations more effectively, the IT Integrator needs to first understand their client’s perceived risks at an organizational level from the business perspective, not the IT perspective. One way to start is to have the entire project team read the 10-K, an annual report required by the U.S. Securities and Exchange Commission (SEC) that gives a comprehensive summary of a company’s financial performance. It also provides a summary of the key risks that the company faces around the world. 

Be A Trusted Business Advisor First

As a trusted advisor to the enterprise security and risk organization and its leaders, understanding the business challenges come next. To be trusted, the IT integrator must gain the respect and even the liking of its clients to be heard, and to be effective. They also must be consultative. At the lowest level of the consulting hierarchy, there is the purchase of technical expertise. At the higher levels of the consultative relationship, one can begin to talk about a Trusted Business Advisor role. At this level, the IT consulting professional can have true influence and bring true value to the executive team.

Understand The Levels Of Relationships And Aspire To Excel At All Levels

Professional relationships operate at several levels:

1. needs-based, to solve problems
2. expertise-based, to give answers
3. relationship-based, to customize
4. trust-based, to advise

An IT integrator is expected to solve problems, and as a professional and expert, to know the answers. At the relationship and trusted advisor level, solutions begin to take on an organizational context. At these levels, the professional’s advice begins to be valued in a much broader realm. The key to being able to operate at this level is to understand the organizational-level challenges in the broader context of enterprise risk.

Understand The Organizational Structure In Which You Operate

In the enterprise security organization, there are three tiers: governance, program management, and operations. At the operational level, the IT integration solution aims to correlate events and centralize the security monitoring, analysis, and response within a single team. At the program management level, the IT integrator solves problems for mid-level executives on how to improve cost avoidance, cost efficiencies, cost sharing, and security ROI across a multitude of security projects. At the governance level, where the chief security officer (CSO), chief risk officer (CRO) and the chief information security officer (CSO) sit, the primary goal is to surface the right insight across all functions of security to decrease enterprise risk. 

Market And Package Your Solutions As Governance-Based Solutions, Not IT Solutions

Many of the point technology solutions in the security industry today are geared at the operations level for the front-line operator in the security operations center (SOC). Very few of the solutions today truly meet all of the needs of the security executive because to do so means integrating a large number of disparate data sources into a centralized location to generate true business intelligence and insight. To do this well, you need to understand what your executives really need to understand to make more informed business decisions for future investment. 

Plan To Provide Cloud And Big Data Services  

The business of security is complex, and to generate the insights mentioned above requires excellence in IT integration and data integration. As enterprise security organizations start to ensure that everyday physical security devices are connected to the Internet and can represent themselves digitally, Big Data analytics capability will become even more important for the IT integrator. With Big Data, database capacity and resulting costs for capital expenditures will continue to be a top consideration in the enterprise. IT integrators that can provide private cloud and public cloud solutions will have a greater competitive advantage in the security industry.

Plan To Build Cyber Security Expertise

While at a security conference with top CSOs a few months ago in New York, I took the opportunity to ask system integrators and IT integrator CEOs what the number one concern is for their business. Across the board, every one of them told me it was cyber security. When you specialize in servicing the security industry, you can’t afford to deliver a technology solution that is highly prone to cyber threats. Although you can never reduce the risk of a security breach 100 percent, not being educated and highly aware of securing technology from these threats could be a potentially catastrophic mistake. The increasing concern about recent high-profile computer breaches underscores the need for investing and building this muscle in the IT Integration organization.

Heather Zindel is the CEO of Bloom Consulting Group, Inc., an enterprise solution and services provider, specializing in information architecture, Big Data analytics, process and performance improvement, modern user experience design, and cloud-based, Windows 10 application development.  Bloom’s mission is to help executives modernize the business of security.