Sign up to save your podcasts
Or
Share Camry Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Camry Security
Links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-camry-security/)
The Camry is not the fastest car, nor is it the sexiest. But, it is one of the most popular cars because it delivers the best value. When CISOs are looking for security products, are they also shopping for Camry's instead of "best of breed" Cadillacs?
Check out this post and discussion for the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest for this episode is Lee Vorthman (@leevorthman), sr. director, global security engineering and architecture, Pearson.
Thanks to this week's podcast sponsor, SpyCloud.
Learn more about how you can protect employees and customers from account takeover with SpyCloud.
On this episode of Defense in Depth, you'll learn:
- CISOs have budgets and they simply can't purchase the most expensive and best option for every InfoSec need. Good enough is often exactly what they want.
- It's often not possible to take advantage of all the features on a Cadillac-type security product. So you end up paying for shelfware, or tools that never end up being used.
- The tool's complexity factors into the cost. This is often an argument against open source software which has been branded, most often by the proprietary software community, as "tough to use."
- Each tool creates a new demand on your staff in terms of time and complexity. What new costs are you introducing by acquiring and deploying a new tool?
- "Best of breed" everything can also turn into an integration nightmare.
- If you don't need everything a company is trying to offer, try to de-scope the requirements.
- Some companies are so big that they have no choice but to purchase the Cadillac for everything since so many departments will need access to the tool. It's far too complicated to create an RFP that takes into account everyone's needs. To speed access to the tool these large companies just get the product that "does everything" and then let all the departments "have at it" once it's available for use.
View all episodes
By David Spark, Steve Zalewski, Geoff Belknap
4.8
7373 ratings
Links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-camry-security/)
The Camry is not the fastest car, nor is it the sexiest. But, it is one of the most popular cars because it delivers the best value. When CISOs are looking for security products, are they also shopping for Camry's instead of "best of breed" Cadillacs?
Check out this post and discussion for the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest for this episode is Lee Vorthman (@leevorthman), sr. director, global security engineering and architecture, Pearson.
Thanks to this week's podcast sponsor, SpyCloud.
Learn more about how you can protect employees and customers from account takeover with SpyCloud.
On this episode of Defense in Depth, you'll learn:
- CISOs have budgets and they simply can't purchase the most expensive and best option for every InfoSec need. Good enough is often exactly what they want.
- It's often not possible to take advantage of all the features on a Cadillac-type security product. So you end up paying for shelfware, or tools that never end up being used.
- The tool's complexity factors into the cost. This is often an argument against open source software which has been branded, most often by the proprietary software community, as "tough to use."
- Each tool creates a new demand on your staff in terms of time and complexity. What new costs are you introducing by acquiring and deploying a new tool?
- "Best of breed" everything can also turn into an integration nightmare.
- If you don't need everything a company is trying to offer, try to de-scope the requirements.
- Some companies are so big that they have no choice but to purchase the Cadillac for everything since so many departments will need access to the tool. It's far too complicated to create an RFP that takes into account everyone's needs. To speed access to the tool these large companies just get the product that "does everything" and then let all the departments "have at it" once it's available for use.
More shows like Defense in Depth
View all
Hacked
187 Listeners
Security Now (Audio)
2,008 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Risky Business
371 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,021 Listeners
Smashing Security
319 Listeners
Click Here
415 Listeners
Darknet Diaries
8,061 Listeners
Cybersecurity Today
179 Listeners
Hacking Humans
315 Listeners
CISO Series Podcast
188 Listeners
Cybersecurity Headlines
139 Listeners
Risky Bulletin
44 Listeners
Hacker And The Fed
168 Listeners