IT Security Value Proposition

coche

Taken from the international bestseller “Value Proposition Design”, the Value Proposition Canvas identifies the value proposition (or value) of a service, product or process, as well as beneficiaries, customers and users. It allows to show how value of the proposal meets the expectations and constraints of beneficiaries. On our portal dedicated to cyber security, we have used this canvas for answering the right questions around all the benefits from a well implemented ICT security. Depending on your job in the entreprise, we have summarize the security added value to the gains, the pains and the risks covering.

 

Value proposition driven by the jobs

  • IT Manager
  • IT Engineer
  • Security Officer
  • Risk Manager
  • Procurement Officer
  • Company Owner
  • User

 

Value proposition driven by the gains

  • Which savings would make you happy ?
    • Capex reduction
    • Opex optimization
    • Agility in deploying solutions
  • What outcomes do you expect and what would go beyond his expectations ?
    • Better security level
    • Less security incidents, no false positive
    • Better visibility on the activity
    • Optimization of the IT resources
    • Better continuity of services
    • Better uses of resources
  • How do current solutions delight you ?
    • Specific features particularly important for your job
    • Global performances
    • Possibility to work from any place, on any device whithout compromising security
    • Mobility, agility
  • What would make your job easier ?
    • Automatic deployment
    • Automatic resilience
    • Smart monitoring & alerting
    • Automatic custom reporting
    • Better coverage during hollidays & out of office hours
  • What positive social consequences does you desire ?
    • Better recognition of my role in the entreprise
    • Clear prove of your added value in the entreprise
    • Stop considering security as a pain
  • What are you looking for ?
    • Efficiency
    • Better ratio between TCO and added values for the company
    • Long term solution / accompaingment in this fast moving domain
  • What do you dream about ?
    • 100% continuity of services
    • zero security incidents
    • always on infrastructure
    • 100% agility (any device, any place, any media)
  • How do you measure success and failure ?
    • High availability level
    • Low incident number
    • Fast time to react
    • Fast time to restore
    • Long term solution
    • Cost predictability
  • What would increase the likelihood of adopting a solution ?
    • Lower TCO
    • Reduced Capex
    • Lower risk
    • Better perceived quality
    • Reduced complexity
    • Easy for the users
    • Easy to maintain
    • Scalability

 

Value proposition driven by the pains

  • What do you find too costly ?
    • Time to manage the solution
    • Expertise level to manage the solution
    • Support recurrent costs by the vendor
    • Support recurrent costs by the integrator
  • What makes you feel bad ?
    • The possibility to be hacked without knowing
    • The possibility to slow or break down the major services
    • The obligation to switch in DRP mode
    • The non covering of well known risks
    • To be twice, victim of the same attack
  • How are current solutions underperforming for you ?
    • End of sales, End of support
    • Low performances
    • Not adapted to new risks
    • Lack of scalability
    • Known dysfunctions
    • Not adapted to new ways of working
  • What are the main difficulties and challenges you encounter ?
    • Difficulty to convince management to new investment
    • Security wareness of the users and managers
    • Bad perception of security by the users
    • Difficulty to deploy or maintain user solutions
    • Not being capable to prove their is no attack on-going
  • What negative social consequences does you encounter or fear ?
    • Loss of credibility in case of security incident
    • Loss of truts by the customers in case of security incident
    • Lack of agility in adopting new technology by the colleagues
  • What barriers are keeping you from adopting solutions ?
    • Upfront investments and amortization period
    • Resistance to change
    • Lack of expertise, competencies
    • Lack of awareness by the deciders

 

Value proposition driven by the risks to cover

  • Lost of productivity
  • Non compliancy applicable to the activity sector (NIS, GDPR)
  • Non compliancy with quality commitments to customers (ISO)
  • Disclosure of confidential information about the company
  • Disclosure of private information about individuals
  • Lost of credibility to clients, colleagues, users
  • Lost of revenue due to production alteration