This week's episode of Defense in DepthTrusting Security Vendor Claims
On this episode of Defense in Depth:Co-host Allan Alford and Lee Parrish, CISO, Hertz, discussed:
From those surveyed by Valimail survey, a third to a half didn't believe that vendors did a good job explaining what their product does, or that the product actually performed, or there was any way to actually measure that performance.
Many questioned those numbers because they feel many security buyers still fall for security vendors' boastful claims. Both can actually be true.
Stunned behavior at a trade show is not the indicator of knowledge and susceptibility to vendor pitches.
When you're under the gun as a security professional to produce results you often become victim to security vendor claims because you want to deliver on demands from the business.
By nature, CISOs should be skeptical about vendor claims and information within their own environment.
There's a battle between those vendors truly trying to deliver value and those who are using their marketing savvy to sway industry thinking.
Don't place all the blame on the vendors. CISOs still have trouble understanding their requirements, risk, and priorities. Many are guilty of engaging in "random acts of security".
Claims can often be more trustworthy if the vendor is willing to explain what they can't do.
Click here to listen: https://cisoseries.com/defense-in-depth-trusting-security-vendor-claims/
Tags 🏷
#cybersecurity #cso #ciso #infosec #hacker #itriskmanagement #ciberseguranca #cyberattacks #threats #malware #cibercrime #exploit #hackers #hacker #breach #mitreatt&ck #pentesting #cloudsecurity #cyberwar #datasecurity #ethicalhacking #hacking #cloud #informationsecurity #securitymanagement #infosec #ransomware #datasecurity #cisoseries
On this episode of Defense in Depth:Co-host Allan Alford and Lee Parrish, CISO, Hertz, discussed:
From those surveyed by Valimail survey, a third to a half didn't believe that vendors did a good job explaining what their product does, or that the product actually performed, or there was any way to actually measure that performance.
Many questioned those numbers because they feel many security buyers still fall for security vendors' boastful claims. Both can actually be true.
Stunned behavior at a trade show is not the indicator of knowledge and susceptibility to vendor pitches.
When you're under the gun as a security professional to produce results you often become victim to security vendor claims because you want to deliver on demands from the business.
By nature, CISOs should be skeptical about vendor claims and information within their own environment.
There's a battle between those vendors truly trying to deliver value and those who are using their marketing savvy to sway industry thinking.
Don't place all the blame on the vendors. CISOs still have trouble understanding their requirements, risk, and priorities. Many are guilty of engaging in "random acts of security".
Claims can often be more trustworthy if the vendor is willing to explain what they can't do.
Click here to listen: https://cisoseries.com/defense-in-depth-trusting-security-vendor-claims/
Tags 🏷
#cybersecurity #cso #ciso #infosec #hacker #itriskmanagement #ciberseguranca #cyberattacks #threats #malware #cibercrime #exploit #hackers #hacker #breach #mitreatt&ck #pentesting #cloudsecurity #cyberwar #datasecurity #ethicalhacking #hacking #cloud #informationsecurity #securitymanagement #infosec #ransomware #datasecurity #cisoseries
Comentários
Postar um comentário