I’m a big believer in the fact that, to help security teams keep pace with ever-evolving cyber threats, we as vendors, partners, and human beings need to embrace three simple words: move security forward. This is true whether we are talking to security leaders (CISOs, VPs, Directors), security builders (architects and engineers), or security users (threat hunters, analysts, admins). True value is realized only by making technology products and services that live up to their promise. At the end of the day, we should thus promise to move security forward.
Moving security forward is a promise rooted in the needs (problems), pains (challenges), and wants (outcomes) of buyers. Yet moving security forward means something different to every security leader, builder, and user, though at the core of every security conversation are three core measures of value:
- Are we (vendors, partners, human beings) being risk-minded about the business?
- Are we (vendors, partners, human beings) fostering more efficient and effective staff and processes?
- Are we (vendors, partners, human beings) building more resilience to cyberattacks?
These value drivers serve as the basis for how to help move security forward. The following table breaks down what we call “The 9 Cs of Cybersecurity Value” rooted in being risk-minded, efficient, and resilient. I can promise you this: As we at Vectra engage with our security leader, builder, and user partners, we will stay true to these 9 measures of value.
 |
Buyer Needs: To manage risk |
Buyer Pains: To be more efficient |
Buyer Wants: To build resilience |
|---|---|---|---|
| Be risk-minded | Accelerate time to value | Build human resilience | |
| Security Leaders - CEO / CIO - CISO / VP Security - SOC Leader |
Controls: Moving security forward is providing controls that reduce business risk. |
Compliance: Moving security forward is meeting customer, regulatory and industry standards. | Continuity: Moving security forward is building human resilience to cyberattacks. |
| Security Builders - Security Architect - Security Engineer - Cloud Architect |
Coverage: Moving security forward is visibility to an ever-expanding attack surface. | Complexity: Moving security forward is leveraging an existing security ecosystem. | Competency: Moving security forward is building resilience to the ever-evolving attack landscape. |
| Security Users - SOC Analyst - Threat Hunter - Security Admin |
Clarity: Moving security forward is knowing the threats that matter most to the business. | Context: Moving security forward is reducing alert triage and reducing analyst burnout. | Community: Moving security forward is sharing attack intel with partners and peers. |
My first 6 weeks at Vectra centered largely on gut-checking ourselves against these 9 measures of value. Do we as vendors, partners, human beings live up to the promise of moving security forward?
C’s for security leaders
- Controls: Provide visibility and controls that reduce business risk. Vectra covers over 90% of the present MITRE ATT&CK techniques and holds the most patents on MITRE D3FEND countermeasures.
- Compliance: Make it easier to meet customer, regulatory, and industry standards. Vectra empowers security teams to see threats in places others can’t – and to stop them.
- Continuity: Build human resilience to cyberattacks. Vectra empowers security teams to keep their business partners’ data safe from compromise.
C’s for security builders
- Coverage: Close gaps in an ever-expanding attack surface. Vectra empowers security architects with unified threat visibility across all five attack surfaces.
- Complexity: Leverage an existing technology ecosystem. Vectra empowers security architects to consolidate and integrate existing technology, saving both time and money.
- Competency: Build resilience to the ever-evolving attack landscape. Vectra empowers security architects to protect an organization’s journey to hybrid and multicloud environments.
C’s for security users
- Clarity: Focus on the threats that matter most to the business. Vectra reduces analysts’ alert volume by up to 90% compared to anomaly-based alerts.
- Context: Eliminate alert triage and reduces analyst burnout. Vectra delivers the only security AI optimized to detect attacker TTPs, reducing investigations from days to minutes.
- Community: Share attack insights with partners and peers. Vectra invests 40% of revenue on R&D, primarily on advancing resiliency to the evolving attacker TTPs.
I would love to hear your thoughts on the 9 Cs. Please connect with me on LinkedIn or Twitter – or feel free to reach out to me directly at woj@vectra.com. When it comes to helping and measuring the value of moving security forward, I’m all ears.