05. Exercise: Strategic Thinking
Exercise: Strategic Thinking
Your organization, SwiftTech, has an information security steering committee to ensure that the business and security strategies align. Next week is this month's meeting and you have been provided with information related to business strategy and current security strategy (see images below). Please review the information and answer the scenario.
Answer the following scenario:
QUESTION:
As part of this month's information security steering committee meeting you know of a proposal that will be made. The proposal is to overhaul and modernize existing network security mechanisms because several of the devices are going to be end-of-life in 12-16 months. Based on what you know about the organization's strategy what might you advise the steering committee? The committee will also want to discuss the existing cybersecurity budget. Based on what you know, what assumptions might you make about the cybersecurity budget?
ANSWER:
- The key to answering this exercise is realizing that a disconnect exists between corporate strategy and security goals.
- Business strategy is shifting away from an on-premise mindset
- Business is concerned with speed and agility
- Security is heavily invested in on-premise security controls