PITCHING

CYBERSECURITY
Getting Buy-In From the Boardroom

BRAD TAYLOR | CEO | PROFICIO

SPEAKER

W W W . P R O F I C I O . C O M
BRAD TAYLOR
CEO OF PROFICIO
25+ years of experience in enterprise cyber
security, networking, and software
 AGENDA
01 CISO’s Cybersecurity Goals

02 Common Security Operations Challenges

W W W . P R O F I C I O . C O M
03 The Gaps: Common Areas of Need

04 Other Considerations to Offset Challenges

05 8 Key Tips to Selling to the Board

06 Key Takeaways
ABOUT US

PROFICIO OVERVIEW

SOC-AS-A-SERVICE SOC SERVICES MODELS CYBERSECURITY

▪ Tier 1, 2, and 3 SOC Services
▪ 24x7 Security Monitoring, Triage
and Alerting
▪ Incident Response Orchestration
Services
▪ Security Experts Always On Call
▪ Cloud SOC + Cloud SIEM
▪ Hybrid Cloud SOC + Client SIEM
SERVICES
▪ Penetration Testing
▪ Vulnerability Management
▪ Forensic Investigations
▪ Compliance Programs
▪ vCISO
 BARCELONA, SPAIN

SAN DIEGO, CA USA

W W W . P R O F I C I O . C O M
SINGAPORE

GLOBAL SOC SUPPORT

Proficio has 3 security operations centers located
in San Diego, Singapore and Barcelona. Having
SOCs located globally enables us to support our
clients’ cybersecurity programs 24x7 anywhere in
the world.
CISOs SECURITY OPERATIONS GOALS

GOALS WHAT IS NEEDED

▪ Protect ▪ Risk Assessment
▪ Detect ▪ Controls and Threat Visibility
▪ Respond ▪ Accurate & Actionable Alerts
▪ Context and Relevance in Alerts

▪ Reduced Mean Time To Detect

▪ Faster Containment Response

COMMON SIEM & SOC CHALLENGES

WWW.PROFICIO.COM
ALERT FATIGUE LACK OF VISIBILITY
▪ Too many alerts,
RESOURCES
▪ Poor threat visibility or
what’s relevant? ▪ To constantly add system performance
Use Cases & Build
▪ Base SIEM content Content ▪ Poor threat
creates thousands of investigation,
notable events and ▪ To actively monitor
validation, and triage
false positives threats 24x7
workflow
MOST COMMON SECURITY OPERATIONS GAPS
“KNOW YOURS BEFORE YOU MEET THE BOARD”
PEOPLE/OPERATIONAL
▪ Having the Right Team in Place is Essential to Any Security Operations
▪ Can You Train People? Keep Educating Them? Can You Keep Them Employed?

PROCESSES

WWW.PROFICIO.COM
▪ Threat Discovery & Incident Response Needs Well-Defined & Documented Processes
▪ Generating Too Much Noise. Rule Creation is Critical in Order To Generate Actionable Alerts
▪ Missing Unknown Threats: Leveraging Threat Intelligence and Prior Incidents are Key
▪ Fine Tuning Rules: Continuously Write Rules and Keep Them Fine Tuned

TECHNOLOGY
▪ Latest SIEM and SOC Technology to Discover and Respond to Threats
▪ SIEM and Machine Learning Architectures are Not Designed for Cognitive Decision Making, Hence, the SOC
Relies on an Army of Security Analysts to Be Very Tactical
CONSIDERATIONS TO ALLEVIATE CHALLENGES
BUY, BUILD OR HYBRID
BUILD IN-HOUSE
PROS
▪ Complete Control of Operations
and Data
▪ Ability to Customize Processes
to Specific Needs
CONS
▪ Must Have a Large Budget
▪ High Turnover Rates
▪ Risk of Becoming Insular
▪ Seldom Able to Identify &
Respond to New Threats
CO-MANAGE/HYBRID
PROS
▪ Build On Existing Investment
▪ Pick & Choose Services
▪ Leverage MSSPs Use Cases
and Content
▪ Cost Savings is Significant
CONS
▪ Must Still Maintain Staff
In-House
▪ Invest in SIEM Technology
▪ Share SOC Management
COMPLETELY
OUTSOURCE
PROS
W W W . P R O F I C I O . C O M
▪ Alleviates Hiring & Retention
▪ Cost Savings is Significant
▪ Able to Leverage MSSPs Use
Cases & Content
▪ 24x7 Security Monitoring &
Alerting
CONS
▪ Creates Dependency on 3rd Party
▪ Requires Coordination with
Internal & External Teams
BEFORE THE BOARD MEETING

CISOS MUST HAVE A CLEAR

UNDERSTANDING OF:

W W W . P R O F I C I O . C O M
▪ Risks and Vulnerabilities
▪ Controls or Lack Thereof
▪ Threats, Attacks, and Compromises
▪ Ability to React
▪ Comparison to Industry Peers
BOARDROOM SELLING: TIPS 1 & 2

1. Know Your Audience

▪ Understand Who You’re Presenting To

W W W . P R O F I C I O . C O M
▪ Provide Audience with Content That Resonates
▪ Only Provide Relevant Information
▪ Leave Out the Security Jargon

2. Speak the Same Language

▪ Present Facts & Figures Your Audience Understands
▪ Don’t Get Too Technical
▪ Educate Using Common Comparisons
BOARDROOM SELLING: TIP 3

3. Stick To The Facts

▪ Main Focus Needs To Be On:

WWW.PROFICIO.COM
▪ Risks
▪ Costs
▪ Impact
▪ What’s the Risk to the Business?
▪ Don’t Go Down the Technology Rabbit
Hole
▪ What’s the Impact to the Bottom Line?
BOARDROOM SELLING: TIP 4

4. Don’t Forget to Backup Stats

▪ Bring Hard Facts

WWW.PROFICIO.COM
▪ Be Ready to Review Risks Compared to Industry
Peer Organizations

▪ Know Your Trends in Security Operations

▪ Be Versed in Latest News on Breaches
BOARDROOM SELLING: TIP 5

5. Present a Cohesive Action Plan

▪ Give a Clear Course of Action

WWW.PROFICIO.COM
▪ What are the Next Steps?
▪ Discuss Deadlines & Budgetary Needs that
Cover All Resources
BOARDROOM SELLING: TIP 6

6. Be Realistic About Budget

WWW.PROFICIO.COM
▪ How Does Your Budget Compare to
Industry Peers
▪ Demonstrate Why Your Specific Expense
Needs are Critical
▪ Be Practical and Not Too Far Reaching
BOARDROOM SELLING: TIP 7

7. Share Staffing Needs

▪ The Right Team is Essential

▪ Highly-Skilled Staff is in High-Demand

▪ How Do You Plan to Hire & Retain Staff

BOARDROOM SELLING: TIP 8

8. Consider the Consequences

▪ Leave the Board Confident with
Recommendations
▪ Discuss the Importance of Compliant vs
Secure
▪ Share What a Potential Breach Might Do
to the Company
KEY TAKEAWAYS
▪ Clearly Understand and be Prepared to Discuss Your
Organization’s Security Posture and Challenges

▪ Evaluate Whether or Not to Outsource Some Security Operations

to Offset Challenges

WWW.PROFICIO.COM
▪ When Presenting Your Findings & Overall Plan to Board:
▪ Speak in their Language
▪ Stick to the Facts & Backup Your Findings
▪ Present a Cohesive Action Plan
▪ Be Realistic About Budget
▪ Share the Consequences that Can Occur if Plan isn’t Followed
WORLD-CLASS

W W W . P R O F I C I O . C O M
CYBERSECURITY
SERVICES
SAN DIEGO | SINGAPORE | BARCELONA
WWW.PROFICIO.COM | INFO@PROFICIO.COM