It’s not easy being a CISO. One could say “intense” might be the perfect descriptor for the CISO work environment. Tasked with the unenviable job of keeping the organization safe, carrying the burden of failed protection and taking hits for successful breaches, CISOs can never rest. They are continuously looking for ways to improve their defenses through employee education, security training and other efforts against a dynamic and evolving threat landscape.
Honing in on the right solution to secure the organization is a major challenge. One of the issues which effect this are the numerous security offerings out in the market. New vendors are constantly adding their solutions; each claiming to provide the highest level of security for every CISO’s cyber needs. The dramatics of the CISO-vendor relationship is highlighted in a new series of humoristic videos which were published this week. Here is one of the videos in the series:
Here are links to all five videos:
Mime is Money: Many vendors know how to tell the story, but how many deliver?
Every Breath You Take: What wouldn’t a security vendor do to get to a CISO?
Be Right With You: Are security vendors really there when you need them?
Driving the Point: How many solutions truly put you in the driver’s seat?
Threat Net: Trust us Mister CISO, this won’t hurt at all.
One of the main inspirations for these videos were David Spark’s article, “30 Security Vendor Behaviors That Set Off a CISO’s BS Detector.” The article examines some of the claims vendors make which CISOs find hard to digest. As expected, the majority have to do with claims of absolutes like the obvious and empty buzzwords AI and machine learning. These are the typical go-tos of many sales and marketing teams.
Together with the ‘BS’ vendors used to getting noticed, and with all the groans and complaints from the targeted CISO, there are some real truths behind all this ‘noise.’ Because, what CISO will meet for a demo from a sales vendor whose pitch is, “My solutions is ok. It will find some threats under the ideal circumstances?” So, as far as the vendor-and-CISO relationship goes, arguments can be made for both sides.
The different dynamics of the relationship take center stage in this series of five videos that poke fun at the dynamic. At the same time they recognize the extreme pitches some vendors reach in attempting to be heard. Those pitches sound something like the vendor that promises security against every threat but never delivers. The vendor that calls nonstop. Or the vendor that says they can do anything and everything and more.
The videos, while laughing at the ridiculousness of many vendor pitches, were actually shot by a security vendor (as opposed to a frustrated CISO tired of being targeted), who has the sense of mind to laugh at themselves, as well as at other overly enthusiastic vendors.
So grab your popcorn and have a watch. CISOs – you will probably be able to relate. Vendors – have a good laugh at yourselves. Remember – all work and no play makes for a very dull day.