MSB has used the Secure Insight process to help a variety of organizations
make security investment decisions.
From hospital security managers using Secure Insight to help with
HIPAA compliance to a large financial investment company’s security
department using Secure Insight to fine tune their security projects,
MSB has enabled organizations to develop and establish a systematic,
repeatable process for understanding information system risks and
When faced with an uncertain threat environment and resource constraints,
security managers and information system executives would like to
be sure that the security architecture is the best possible for the
Risk mitigation strategies should reflect the organization's unique
threat environment and a balance between security, productivity, and
The techniques of Secure Insight (SI) are flexible, systematic and
repeatable. SI models the timing, severity, and uncertainty of attacks
using the organization's best available threat information. Security
managers can see the effect of their risk mitigation strategies against
the threats, and compare alternative strategies. In addition, SI can
easily incorporate the continual changes in the threat environment.
Security managers gain insight into security investment decisions,
and information system executives can see their justification and
rationale for security allocations. SI uses multi-attribute analysis
techniques to help the security staff prioritize their security
requirements and effectively allocate their limited resources.
SI allows the security staff to focus on the important security
issues and provides insight into their threat environment and the
risk mitigation strategies that are most effective in reducing the
Most importantly, SI enables the security staff to conduct sensitivity
analysis of their estimates and see how their assumptions affect
the allocation of security resources.
Find out more about how MSB can provide you with Secure