How do you determine the number of Cyber Security persons an organization needs? What is the connection between the number of employees and the number of security systems?

VP of IT in Education, a year ago
That’s a really tough question. I think the number of systems or log sources would be a better metric. If I had to pick a number I would probably say 1 for every 250 employees. But that also assumes you are using an EDR or XDR service to assist and probably outsource penetration testing, vulnerability management, and security/systems audits. If you’re developing external applications then I would at least double the number of security personnel.
2
VP of IT in Software, a year ago
I have not really thought of this in terms of Cyber Security people to employees. I think of it in terms of security personnel to the number of applications that need to be supported and the complexity of these applications.
1
Director of Network Transformation, a year ago
I think it "depends"... What vertical are you in? Are you subject to SOX, PCI, the new SEC rules and so on? Are you regulated? Do you have a significant number of 3rd party requirements? This is a difficult question to answer.
2
C-PIO in Software, a year ago
I don’t think you can really pin a number on it. Factors you have to consider are age of system, legacy systems, number of users, both internal and external. You have to do an assessment as to what you need, and I know you’re looking for a number here, but I find it’s far too difficult to give a hard number. The skill set of those security specialists is critical to solving your problem. An individual with the prescribed knowledge can handle a large volume of work, whereas a poorly equipped or junior security specialist will struggle. This is also scalable in that you may need to throw more resources at the issue up front and then taper back once under control. Start with contractors and then migrate to in-house is the best I can suggest.
1
Senior Director of Engineering in Software, a year ago
I don't see an obvious correlation between them.

I think it depends on the size of your engineering team and the roadmap that you might have (e.g. DevX, SOC2).

I would start with a lower number, say 3, understand the capacity and then fine tune it to one's needs.
1