As you can see, we predict that a next generation of risk consultant is emerging whose role is not episodic but persistent; who will take the baseline gaps and measures from the assessment and use these to create powerful bridges to a role in the architecture of a security information management approach to the security program. And finally, a role in interpreting the data through advanced analytics.
They are the community that can do it. They have the formal education in risk. They have experience with the processes security operations staff deploy and the human resources they hire. They are exposed to the technology they use and the integrators who have deployed that technology.
But consultants must find a way to persistently vet the other vendors in the value stream including other consultants, integrators and info architects. Based on this vetting process, they can create healthy and synergistic relationships that will be respected by their clients, because they have gone through the rigor and discipline of accrediting and continuously measuring them over time.
This is a new world; a collaborative world. The winners will be the clients that receive immeasurable more value and continuity from their vendors. And how shall the vendors gain? They will not only be known by their applied knowledge within their disciplines of consulting, integration, and performance management, but will also be measured by their effectiveness in collaboration, creating a sustainable value stream in security. The sum of the parts will add to their singular value.
Is this happening today? Yes, there are a few consultants who have created foundational relationships with integrators and info architects that go beyond choosing them for a particular project. They are allowing for new levels of relationship and knowledge sharing. Although this will not be a mainstream activity in 2014, the vendors who choose collaboration will see new benefits, more productive clients, and increased persistence in their presence and value within those clients.