Mon, 22 April 2019
Find the full episode of this podcast (with links and images) on the CISO Series site right here: (https://cisoseries.com/im-humbled-to-tell-you-about-my-prestigious-award/)
I'm not exactly sure what "humbling" means, but I'm going to use it to hopefully soften my braggadocio announcement.
We discuss semantics and when it's OK to boast your accomplishments on this week's episode of CISO/Security Vendor Relationship Podcast.
This show, like all the previous ones is hosted by me, David Spark (@dspark), founder of Spark Media Solutions and Mike Johnson. Our guest this week is Will Lin (@WilliamLin), partner and co-founder, ForgePoint Capital.
Thanks to this week's sponsor, Praetorian
As a professional services company, Praetorian helps enterprise customers solve complex cybersecurity problems. We are the security experts.
On this week's episode
How CISOs are digesting the latest security news
In many industries we see VC investments following trends. This is hot and new, let's go and invest in it. A recent story on Forbes spotlights five trends in cybersecurity which comes off as catnip for VCs or at least those in those spaces looking for investments. Is trend hopping a lucrative way to succeed with cybersecurity investments?
Why is everybody talking about this now?
Peter Cohen, director at Countercept remarked on the hypocrisy of posting a photo of yourself on stage and referring to it as "humbling". People say this with zero idea of the definition. The use of humbled or humbling as a verb means that at one time you thought you were superior and now you realize you are not because essentially someone defeated you and put you in your place. I don't get the sense that's what people mean when they refer to an experience as "humbling." But do a search for the term on LinkedIn and you will see people use it ALL THE TIME. Some of the most popular posts on LinkedIn are achievement announcements. Where's the line between saying you're proud of something and would you honor it with me and coming off like a jackass?
We have two scenarios this week in honor of our VC guest.
Hey, you're a CISO, what's your take on this?
In a special VC edition of "Hey, you're a CISO, what's your take on this?"
Much of what we talk about on this show is what we like and don't like about how security companies market themselves. In the news, the only role we hear VCs playing is financial. But given that VCs are seeing the inner workings of a startup, they can probably see firsthand why a company succeeds or fails. Given what VCs are privvy to that others of us are not, how can VCs help shape the way vendors market themselves?
Ask a CISO
Fernando Montenegro of 451 Research brought to my attention this tweet from Soldier of Fortran that caused a flurry of discussion. The tweet pointed out that many sites say they offer pricing, but when you go to the page it's just a lot of verbiage with a link to request a quote. Haroon Meer of Thinkst, producers of Canary deception devices and a former guest on this show, said they have pricing on their site even when experienced salesmen told them not to do it. Kyle Hanslovan of Huntress Labs, asked how he could provide transparent pricing when half of his clients are direct and the other half are distributors. Is there a happy medium here or is obfuscation the way to succeed with security selling?