Ladder Of Business Intelligence: LOBI Security Model

IT Security Entrepreneurs Forum, Stanford University, Palo Alto, CA, March 14, 2007

Upload: eleanor-ford

Post on 17-Dec-2015

Discussion Objectives

Introduce the Ladder of Business Intelligence (LOBI)

LOBI is a new non-technical communication framework that can clearly position the value that technology investment can provide to business.

Demonstrate to a CEO of an Information Technology company how the LOBI framework can be used to sell to potential customer CIOs

The LOBI Model

Ladder of Business Intelligence (LOBI) ™

Facts

Data

Information

Knowledge

Understanding

Enabled Intuition

Objective: Improve speed, effectiveness and efficiency of decision making

Methodology: Productivity through CTI by business role

Ladder of Business Intelligence (LOBI) ™

Facts

Data

Information

Knowledge

Understanding

Enabled Intuition

Business role set, process set, technology set

Retrievable organized data

Information views targeted by role; operational collaboration

Reusable information views

Business modeling; brainstorming; strategic collaboration

Break-through visionary thinking

No timely retrieval; disorganized data

Objective: Improve speed, effectiveness and efficiency of decision making

Methodology: Business productivity through reducing Cycle Time to Information by business role

LOBI Triple

Business Role

Business Process

Technology

What is Information

Objective: CTI By Business Role

Integrated Data

Human Intelligence

Artificial Intelligence

Value of Information = Experience + Data Correlation Ability + Communication Skills

Information View

Cycle Time To Information/Knowledge

Cycle Time

Information/Knowledge

Business Role

Business Role Information Analysis

Define business role

Define 1–10 key questions

Information needed to answer questions

Data source needed to generate information

Do quality data sources exist?

BRIA Role Table - Example

Role: CSO/CIO

Key Questions:
1) Can we meet regulatory compliance requirements this year?
2) What are the top areas in security that the company needs to focus on?

Information:
1) High/critical risks that need to be mitigated to pass SOX/HIPAA/PCI compliance
2) High-risk areas in security to focus on

Data Sources:
1) SOX/HIPAA/PCI audit reports
2) Risk Management Analysis outcome/data; Security/vulnerability assessment reports

Data Sources Exist?
1) Yes
2) No

Role: Infosec Managers/

Key Questions:
1) How effective is our information security program?

Information:
1) Incident response effectiveness
2) Impact of security incidents/attacks on business
3) Patch management process effectiveness

Data Sources:
1) Reports from security systems/devices (Firewall, IDS, routers, switches, servers, SIM/SIEM, AV)
2) Security Assessment/Audit results

Data Sources Exist?
1) Yes
2) No

Role: Security Analyst/Engineers

Key Questions:
1) What are the high-risk/critical attacks that we need to investigate & respond to?
2) What are the high-risk vulnerabilities that we need to mitigate?

Information:
1) Top-tier threats/attacks
2) Top vulnerabilities to patch/mitigate

Data Sources:
1) IDS/IPS alerts
2) Firewall, routers, switches logs
3) Server & application logs
4) Vulnerability scanning reports (Nessus, Qualys, Foundstone, etc.)

Data Sources Exist?
Yes

10 Step Security LOBI Implementation Process

Security LOBI Model

People, Process, Technology

1) Security vision/mission

2) Enterprise Security Roadmap

3) Process Teams

4) Process Roadmap

5) Gap Analysis

6) Collaboration

7) BRIA (Business Role Information Analysis)

8) Technology Architecture

9) Security LOBI level and budget

10) Security technology/project Implementation

Value based IT Security Investing Model

L1 L2 L3 L4 L5 L6

Utility Investments

Competitive Investments

Legend: Blue = Utility Investments; Yellow = Non-utility/competitive Investments

Syslog/eventlogs

Firewall, IDS/IPS, AV, Anti-spam, Content filtering, NAC/NAP…

BISIM/SIEM (ArcSight, Cisco MARS)

Security Knowledge Base, Documentation/Knowledge Sharing

Selling Security to CIOs - Summary

Step 1 - Listen to the CIO’s top 5 business challenges. Map their challenges to the correct Security LOBI levels.

Step 2 - Identify which business function & business roles within that function your security product or service will make more productive.

Step 3 - Discuss with the CIO how your security product or service will integrate into their “As Is” IT Ecosystem.

Step 4 - Ask for a follow-up meeting with the appropriate directors (BU/IT) depending on which LOBI level your product mapped to.

Summary: Top LOBI Concepts

LOBI Triple: People, Process, Technology

CTI: Cycle time to information

Top 10 Questions: What are the top 10 questions that need to be answered for a business role

CTA: Cycle time to action

CTK: Cycle time to knowledge

BRIA: Business Role Information Analysis

Thank You~

Jim Cates

www.happyabout.info/climbing-ladder.php