A search on even the least sophisticated Internet search engine for any of the major security product categories returns an overwhelming list of products and technologies. This holds for ‘firewalls,’ ‘IDS/IPS’ and ‘SIEM,’ and it is worse still for “Threat Intelligence,” where the market hype cycle has reached the point that even vulnerability scanners are being branded as “threat intel.”
As daunting as the plethora of security products and technologies listed online can be, stepping onto the showroom floor at any large security conference, such as RSA, brings that reality into very sharp focus.
In light of this product deluge, and with the operational exigencies of the role pulling attention toward protecting the company’s vital assets, the average resource-constrained CISO in many cases defers exhaustive product testing, technical bake-offs and comparative product analyses to industry think-tanks and highly paid consultants.
Relying on think-tank reports or consultant recommendations has many shortcomings. These reports are often ‘stale,’ reflecting the features and functionality of previous versions of the products in question; they are often based on sanitized lab testing environments that do not reflect real operational environments; and in some cases they have questionable vendor affiliations. This has led more and more CISOs to base their technology investment decisions on the experiences and recommendations of other CISOs in their “circles of trust” rather than on industry think-tanks or consultants.
The industry transformation that a “Crowd-sourced CISO Product Recommendation Matrix” could bring about is limited only by the logistics of scaling the “trusted CISO circle” model to cross-industry, national and international levels.