Security leaders cede control of capabilities they offer the enterprise by misallocating resources and putting too much emphasis on technology. This report guides CISOs through a methodology to reclaim their long-term security strategy by rethinking the techniques they use to build their portfolio of products and services. Specific scenarios explain key decision points that clarify the advantages and disadvantages of various approaches.