Video Transcript

My name is Leo Chavez, and I’m the CEO of Enterprise IT Security. I want to talk to you a little bit about how we build sustainable security practices.
I tell customers this all the time, but it’s very important that people and process come before technology. There’s no shortage of OEMs and vendors telling us that their product or their platform are going to come in and solve all of our problems. The reality is that if we don’t have the people to run these solutions in our environment we’re going to be in trouble. And if you’re having trouble staffing like a lot of my customers are, reach out to a provider like us that has a bench of engineers skilled in these products and knows how to maintain them the right way and ensure you have the people you need to be successful.

Process

If we don’t have processes to govern the changes, we’re making throughout the lifecycle of these investments we’re going to deviate from the baselines and standards we established on day one. We need processes to make sure they’re following these things consistently as they’re making changes, we need processes to establish the key performance indicators of success that our management’s going to need, that senior leaderships going to need to know that the investments they’ve made in security are being maintained throughout the lifecycle.
People, process, then technology. That’s how you build a sustainable security program that’s going to hold weight and stand the test of time.
If we don’t have processes to govern the changes, we’re making throughout the lifecycle of these investments we’re going to deviate from the baselines and standards we established on day one. We need processes to make sure they’re following these things consistently as they’re making changes, we need processes to establish the key performance indicators of success that our management’s going to need, that senior leaderships going to need to know that the investments they’ve made in security are being maintained throughout the lifecycle.