To get the most security for the least money, companies must create a balanced cybersecurity portfolio, similar to a financial portfolio, in which investments align to a specific priorities across a variety of areas instead of focusing on just prevention or remediation.
As part of my cybersecurity research (“Creating a Balanced Cybersecurity Portfolio”), I have focused in on all the stages of creating such a cybersecurity portfolio. One of the most interesting, crucial and difficult to execute is the last: rebalancing. It is hard to know when existing capabilities are less relevant and ready to be retired — or when new capabilities must be acquired and incorporated. In addition, nobody makes changes quickly. Solutions are phased out and introduced gradually. To meet this need and others, threat intelligence solutions have emerged as a critical part of the security stack.