Shelfware
From Socology.org - The Study of Security Operations
Shelfware is defined as " Computers. software or hardware that remains unsold, unused, or underused[1]"
In common occurrence, this would be tools, software or capabilities which a Security Operations Center is not using.
Why Does Shelfware Happen
Shelfware occurs for several reasons:
- A tool is purchased, however there are gaps in the Dimensions of Process, Ticketing, Staffing and Documentation
- From an ITIL Perspective, Service Design, Transition and Operations were lacking.
- A tool is purchased with the expectation to solve a particular issue, however on implementation it is either not effective or has too high a Level of Effort[2] to become effective.
- Context Switching - A tool is purchased to provide a certain capability, however priorities shift and the need for that capability looses focus.
Impact
Budget - The primary impact to the business is a loss of Return on Investment, or wasteful Risk Management spending. This increases risk to the enterprise through opportunity cost.
Enterprise Amnesia - In observations and experience, an enterprise may circle back on this tool, capability or need in the future and question why the capability doesn't exist. This is a good example of Enterprise Amnesia.