Published by Nora Hawkins. Modified over 8 years ago.
1
Info-Tech Research Group
Info-Tech Research Group, Inc. is a global leader in providing IT research and advice. Info-Tech's products and services combine actionable insight and relevant advice with ready-to-use tools and templates that cover the full spectrum of IT concerns. © 1997-2013 Info-Tech Research Group Inc.

Optimize Security Operations without Overspending
Build up your security operations function to manage security risks more effectively.
2
Introduction

Be more secure without spending more by implementing just enough security operations function (SOF) instead of building a security operations center (SOC) you might not need.

Protect what matters: Don't over-invest or under-invest in the security operations function. Spend your money and time wisely and choose the right fit for your organization.

This Research Is Designed For:
- CISOs or CSOs
- Security directors
- Security managers
- Security specialists or analysts
- Vendor service managers
- IT managers
- CIOs

This Research Will Help You:
1. Define the SOF in your organization: Understand what really matters to you.
2. Understand your challenges in terms of designing and building the SOF.
3. Design your own SOF: Align people, process, and technology to scale security to threats.
4. Make the right decision: To outsource or not to outsource, that is the question.
5. Build your own SOF: Implement your SOF cost-effectively step-by-step.
6. Continuous improvement: Build the measurement program to evaluate the effectiveness of your SOF.
3
Workshop Agenda & Key Deliverables – Day 1

Module 1: Define the SOF in your organization: What really matters to you?
Goal:
- Understand differences between traditional and next generation SOF
- Understand why building an appropriate SOF is important
- Understand what the core roles and responsibilities are
- Exercise: Define your own SOF – determine the exact role that you want the SOF to play
List of Deliverables:
- Drafted SOF mission, vision, and responsibilities

Module 2: Understand the challenges your organization is facing in terms of building and operating SOF
Goal:
- Understand common challenges from real experience
- Exercise: Analyze your organization's challenges in terms of technology, process, and people
List of Deliverables:
- Challenge Analysis Report
- Information Security Event Analysis Report

Module 3A: Design your own SOF – Technology
Goal:
- Understand security pressure posture
- Exercise: Assess your organization's security pressure posture
- Understand SOF framework
- Understand technical capabilities for low, medium, and high security pressure posture
- Exercise: Perform technical capability gap analysis
List of Deliverables:
- Security Pressure Posture Analysis Report
- Gap Analysis Report - Technology

Module 3B: Design your own SOF – Process
Goal:
- Understand process capabilities for low, medium, and high security pressure posture
- Exercise: Perform process capability gap analysis
List of Deliverables:
- Gap Analysis Report - Process
4
Workshop Agenda & Key Deliverables – Day 2

Module 3C: Design your own SOF – People
Goal:
- Understand options for staffing an SOF
- Exercise: Perform resource capability gap analysis
- Exercise: Review your consolidated gap analysis
List of Deliverables:
- Gap Analysis Report - People
- Gap Analysis Report - Consolidated

Module 4: Make the right decision: To outsource or not to outsource, that is the question
Goal:
- Understand the options for implementing your SOF
- Compare the pros and cons with respect to in-house vs. outsourcing
- Exercise: Make your SOF implementation decision
List of Deliverables:
- In-house vs. Outsourcing Decision Making Analysis Report

Module 5: Make the shift, close the gap: Implement your SOF cost-effectively step-by-step
Goal:
- Identify key success factors
- Exercise: Painting the roadmap: Demonstrate your vision and execution capability
- Exercise: Making the pitch: build a convincing business case
- Exercise: Simplify your life with a good project charter
- Understand major considerations for the project plan
List of Deliverables:
- Drafted Business Case
- Drafted SOF Roadmap
- Drafted Project Charter

Module 6: Continuous improvement: Build the measurement program to evaluate the effectiveness of your SOF
Goal:
- Understand the importance of measurement and KPIs
- Identify critical KPIs
- Understand the importance of measurement program
- Exercise: Build your own measurement program
List of Deliverables:
- Drafted Measurement Program and KPIs
5
Security Operations Function: Day 1

Module 1: Define the SOF in your organization
1.1 Introduce SOF-related terms
1.2 Why building an appropriate SOF is important
1.3 Core roles and responsibilities of SOF
1.4 Exercise: Define your own SOF

Module 2: Understand your challenges
2.1 Introduce the practical challenges from real experience
2.2 Understand your tech environment – sources and volume of security events
2.3 Exercise: Identify your own challenges with respect to technology, process, and people

Module 3A: Design your own SOF – Technology
3A.1 Understand security pressure posture
3A.2 Exercise: Assess your organization's security pressure posture
3A.3 Understand the SOF framework and technical capabilities
3A.4 Exercise: Design your own technical capabilities

Module 3B: Design your own SOF – Process
3B.1 Understand process capabilities for low, medium, and high security pressure posture
3B.2 Exercise: Design your own processes
6
Security Operations Function: Day 2

Module 3C: Design your own SOF – People
3C.1 Understand resource capabilities
3C.2 Major roles and responsibilities in SOF
3C.3 Options for staffing and providing services
3C.4 Exercise: Staffing gap analysis
3C.5 Exercise: Consolidate gap analysis

Module 4: Make the right decision
4.1 Options for implementing your SOF
4.2 Pros and cons with respect to in-house vs. outsourcing
4.3 Exercise: Make your own decision

Module 5: Implement your SOF step-by-step
5.1 Key success factors
5.2 Exercise: Revisit the results from previous exercises
5.3 Exercise: Paint the roadmap
5.4 Exercise: Build a convincing business case
5.5 Exercise: Establish your project charter
5.6 Major considerations for the project plan

Module 6: Build your measurement program
6.1 Importance of metrics program and KPIs
6.2 Security metrics framework
6.3 Security KPIs
6.4 Metrics development process
6.2 Exercise: Build your own metrics program
7
Module 1: Define the SOF in your organization

Sections:
- Define the SOF in your organization
- Understand your challenges
- Design your own SOF – Technology
- Design your own SOF – Process
- Design your own SOF – People
- Make the right decision
- Implement your SOF step-by-step
- Build your measurement program

What's in this Section:
- Understand differences between traditional and next generation SOF
- Understand why building an appropriate SOF is important
- Understand what the core roles and responsibilities are
- Exercise: Define your own SOF – determine the exact role you want the SOC to play
8
Define the SOF in your organization: What really matters to you?

Steps in this section:
- Introduce different terms
- Discuss the importance of SOF
- Discuss core roles and responsibilities
- Exercise: Define your own SOF

Immediate outcomes of this section
After completing this activity you will understand:
- Differences between traditional and next-generation SOF.
- Why building an appropriate SOF is important.
- What the core roles and responsibilities of SOF are.

Key benefits
These activities will enable you to:
- Identify what SOF exactly means to your organization.
- Clearly define SOF mission, vision, and responsibilities.

Use Info-Tech Guided Implementation to help you through this activity.
9
SOF vs. SOC: what a difference a single letter makes

The SOF is a key part of the enterprise security infrastructure. It does not necessarily need to be in the form of SOC. It should be in the right form for your specific context.

SOC is not for everyone. But SOF is. Protect what matters.

SOF vs. SOC
Three different perspectives:
- Talking about the same thing using different words
- SOF is more broad than SOC
- SOC is more broad than SOF

SOF2.0 vs. Traditional SOF
- Intelligence
- Automation
- More business focus
- Flexibility
10
SOF and the Info-Tech security model

Info-Tech provides information security advisory services in more breadth and depth than the content presented in this storyboard.

Info-Tech has extensive experience in the following areas:
- Network Security Services
- Asset Security Services
- Identity Security Services
- Security Governance Services
- Mega Trend Research and Solutions

Network Security Services: NGFW, IDPS, Net DLP, NAC, etc.
Identity Security Services: IDM, SSO, MFA, UP/DP, etc.
Asset Security Services
Security Governance Services: Security Strategy, Info Risk Mgmt, Security Compliance, Staffing, Training & Awareness, Organization, Policy, Architecture, Measurement, Physical Security
Mega Trend Mappings: Cloud, Mobility, Big Data, Consumerization/BYOX

Other labels in the model diagram: Advanced Persistent Threat Protection; Data; Apps; Endpoints; Security Analytics | Security Incident Response; SOF
11
Why do I need to build an appropriate SOF?

Threats are evolving every day and seen as unforeseeable and diverse. Protecting information has become less about technology and more about contributing to sustainability of your organization as a whole.

The current threat context
- 42% increase in targeted attacks in 2012
- 5,291 new vulnerabilities discovered in 2012
- 14 zero-day vulnerabilities
- Threats are increasing by 125,000 a day
- 91% of organizations have experienced at least one threat in 2011
- 50% of businesses see cyber threats as a critical risk to their organization
- 35% have experienced a data loss in 2011

Your security obligation

Business alignment
- Know your vital information assets
- Understand business context and know your business priorities

Risk mitigation and asset protection
- Understand risk posture and protect vital assets
- Keep up with threat trends and speed up incident response
- Eliminate duplicate efforts and "holes" in security coverage

Operational and cost efficiency
- Improve capital and operational expenditures

Compliance obligation
- SOX, Bill198, POPI, PCIDSS, HIPAA, GLBA, etc.
- Local and regional privacy mandate
- Monitor regulatory compliance and evaluate compliance culture

*Source: Symantec Highlights from 2013 Internet Security Threat Report and Kaspersky Global IT Risk Report 2012