Throughout the last couple of months, I’ve had several meetings with procurement teams responsible for making investments in security solutions. More specifically, we discussed how they aid in selecting security vendors, vetting those vendors, contract negotiations and of course payment terms.
But what I found out about the role of a procurement professional is that it goes way beyond these common tasks. For example, being in procurement allows for a very strategic and impactful security result. As it relates to security instrumentation platforms such as Verodin SIP, we’re seeing procurement teams leverage SIP for a number of valuable tasks that greatly benefit their businesses. Across these procurement professionals that I met with, here are some of the commonalities:
- What should we buy; what should we replace – understanding the comparative effectiveness of new security tools being evaluated during a POC against each other and or against existing security tools
- Are we getting value from it – assessing metrics to measure the value specific security tools are providing
- How long is it taking to get value from it – evaluating the time required to maximize the effectiveness of a given security tool
- Is this service working for us – calculating the effectiveness of security services, such as an MSSP’s ability to prevent and/or detect nefarious activity over time
- Should we get rid of it – helping the security team to determine if a security tool or service should be retired based on the amount of value it is currently delivering
There were many other use cases for SIP across these procurement teams. But the core value generally boils down to having business-level reporting illustrate security effectiveness at a point in time or trended over time as it relates to new or existing security products and services. With these details, procurement teams can make more informed decisions more efficiently and effectively. This also allows them to play a more interactive role in overall security effectiveness and help security teams achieve greater value from their organization’s investments.
Who would have thought procurement teams could play such a valuable and strategic role in security? As one procurement professional told me, “We’re not just the folks writing checks anymore. We play a very active role in business imperatives like security.”