Secure Impact has today released the ‘SI offensive cyber security maturity model’, a visual illustration of the journey an organisation takes in improving their overall security posture, and a tool to help businesses in their goal of improved security maturity.
Secure Impact (SI) identified the need for the model following discussions with clients, CISOs and other security experts within the industry, that highlighted that all too often there is a fundamental misunderstanding of offensive security engagements – what they entail, how they should be adding value to an organisation, and where they fit into the overall maturity journey. Furthermore, in a poll taken during a recent SI webinar, 62% of respondents reported that their top challenge in 2022 surrounding security maturity development was actually identifying what their next step should be.
Put together by James Lyne, Simon McNamee and the team at SI, the purpose of the model is to help CISOs and security teams to test and validate their existing practices, to make sure that they are getting the most effective results and creating the right business outcomes. The model aims to provide a guide to how offensive security practices can develop and stack over time, demonstrating what ‘good’ actually looks like, and using examples to help security leaders to self-identify where they are in their maturity journey, to start the conversation around where their next steps may be.
“We are so excited to launch the SI offensive cyber security maturity model. It’s important to note that there is no one 'right' way to do security - no ‘one size fits all’, silver bullet approach, that could cover every scenario and every business with their unique risk profile. Our goal with this model is to create a valuable tool for businesses and security teams who are considering their investment in offensive security and aiming to get the most value from their engagements. As a consensus-based model, this has been the result of many years of industry experience, and we hope to solve some of the challenges that security executives face, highlighting common mistakes that we regularly see as well as best practices, helping to empower their teams and help them to succeed in improving their security posture.” James Lyne, Founder at Secure Impact
Access the SI maturity model below
James Lyne introduces the model in a pre-release webinar
For any questions relating to the model or this news article please contact the SI team.