CISO budget windfall and how to spend it.
In this episode of the podcast, we welcome industry stalwart Peter Liebert to the Cyber360+ community. Peter talks about the tragi-comedy of the CISO budget pre- and post-incident and offers recommendations for how to spend that windfall should you receive it.
In discussing the onslaught of vendor attention after a breach, Peter recommends a careful assessing approach. Sorting the good from the less good in the aftermath is near impossible. It’s best to clean up first and then compare them all. Importantly, CISOs should use that post-breach time to assess the vendors: how they act, how they respond, are they really partners?
This is where the strong, tight-knit CISO community really comes in to its own. Allowing the practitioners to offer each other advice and the benefit of their experience. Because they are in competition with each other, vendors don’t have an equivalent community and they suffer for it.
- 02:30 — Windfall budget typically comes after an incident, how should CISOs manage it?
- 04:13 — First, get the lay of the land and craft your strategy from that.
- 06:44 — Don’t be the CISO of “I told you so.”
- 07:24 — Can you win more budget without a major incident? Yes, use a tabletop exercise.
- 10:18 — Vendor noise is deafening post-breach. How can you tell who to listen to?
- 13:45 — CISOs have a strong, tight-knit community. Vendors don’t and they suffer for that.