Abstract for: Enterprise detection & response strategy: How interventions prevented the capability trap – Results from a case study

Cyber security is a key for the anonymized fortune- 1000 organization "Carry Forward" to become a secure and trusted business partner. Unfortunately, they faced ongoing significant cost increase for specific security activities (security operations center) threatening the resourcing of other critical security activities and future defense posture. We used a system dynamic approach to delineate the complex enterprise eco-system relevant to security operation center, and identified areas to optimize prioritization. A significant change in managerial mental perception about governing security operations center allowed for moving away from the capability trap and stabalize future costs.