Page 34 - index
P. 34
The CISO’s Job: Untangling the Wild Web of Security Vendors
As we reflected on all the buzz from October’s National Cyber Security Awareness Month, the
sheer amount of vendors in the information security space was starting to make our heads spin!
From software vendors and service providers to analysts, conferences, and organizations, the
information security industry has grown into quite a large and noisy space. As one of those
vendors there are certainly pros and cons: more attention from venture capital firms, but at the
same time, more competition in the market.
As National Cyber Security Awareness Month passed, we recognized how difficult this makes
the CISO’s job. In a time when companies are under constant attack, they’re left with a plethora
of security vendors that all seem to be saying the same thing. One can’t blame a CISO for
feeling overwhelmed by all these options. Further complicating matters is the fact that many of
these companies offer complex networks of different solutions designed to handle different
security functions. Can you imagine beginning an RFP process only to have multiple companies
come back with products falling outside of the initial scope?
Adding another layer of complexity is the industry debate about the best approach to protecting
data. For many years, a layered approach to security has been most popular, with the majority
of investment going to the network layer. Lately, however, this thinking has started to shift;
Forrester Research has recently championed a data-centric approach to security. This
philosophy turns the security stack on its head by focusing on the very thing that attackers
(whether inside or outside the organization) are after: sensitive data.
So, after putting ourselves in the shoes of a CISO, we worked through many of the leading
industry analyst reports and created the Information Security IndustryScape – a helpful little
infographic designed to give a snapshot look at who’s who in the security zoo. We've tried our
best to be as exhaustive as a 1200x900 pixel space will allow, but it's inevitable that a graphic
like this will never be comprehensive in such a rapidly moving industry. Think we left someone
out? Let us know! This is only the first edition of our Information Security IndustryScape and
there will certainly be more to come.
About the Author
Nate Lord oversees the social media and SEO programs at Digital Guardian.
His work includes creating blog and multimedia content that provides unique
insight into the information security industry.
34 Cyber Warnings E-Magazine – December 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
