“Most Companies Get By Without Best-in-Class Security Tools” 

Our recent conversation with the Managing Director of Cyber Risk and CISO Advisory for a large consulting firm centered on information security vendors and macro trends. On the topic of spending priorities, he said it “is different by sector,” with “highly regulated industries such as banks” continuing to focus on pressing cybersecurity concerns and putting innovative projects like AI/ML in the back seat for a while. Meanwhile, he says some industries unfortunately still see cybersecurity as “optional,” calling out some pharmaceutical and food processing companies as examples where they “have 30,000 to 50,000 employees, with two people working in cybersecurity.” He says the “CIO’s explanation for the two-person strategy is, ‘We haven’t had any problems yet, so we’re not going to grow that area.” Our guest quickly rebutted that the “hasn’t happened to me” defense may not even be true, since “the bad guys can be in there 250 days before anybody finds out. In fact, if you don’t have the right tools, you’re never going to find out.”

Leave a Comment

Request to Join

The ETR Community is an exclusive group of IT decision makers. If you have purview over the tech spend in your organization, please fill out the form below to see if you qualify to join the ETR Community. Ready to jump in quicker? Applications with LinkedIn links included are able to be reviewed more quickly. Thank you!