I need a better pen.
That statement may mean something dramatically different depending on who just said the words. In some cases, like with me, it means I want more consistent ink and a body that fits comfortably in my hand for longer periods of time. To you that may mean something different.
In the introductory article of this series, “The Evaluation – Four Phases to Finding “Better” Solutions“, the foundation was laid with general descriptions of the four phases. This month’s entry goes a little deeper into Stage 1, the definition of the problem to be solved. The word “definition” itself means the condition of being definite, distinct, or clearly outlined1. I couldn’t have said it better myself.
The Mindset Going In
The point is, “better” means something different to everyone, and if you don’t specifically define what it means to you, odds are good that you will be disappointed with the result. The same applies projects and technology evaluations. Ask yourself, and be honest, how many times you’ve said that you need a better widget or whatever. When you look back at that definition of “better”, is it the same today as it was then? I’m going to venture a guess and say no.
So, when you look at the technology in your organization, or some process you’re looking to update or replace, assume that you’re not allowed to simply say “better”. Think about concrete, real ways that you can describe the state your technology is in today and the delta that needs to be closed. Whether you’re looking to replace your SIEM, your endpoint tool, or vulnerability management platform, you must define where the deficiency is.
First, define a current state. Identify that there is an issue using definitive terms and language while also (Read more...)
*** This is a Security Bloggers Network syndicated blog from The Ethical Hacker Network authored by Rafal Los. Read the original post at: http://feedproxy.google.com/~r/eh-net/~3/lHX3ZNBZEg4/