ICYMI: 5 Highlights from 10Fold’s Security Never Sleeps Panel at RSA Conference

During last week’s RSA Conference, 10Fold’s Security Never Sleeps event once again brought together top security and risk executives from Fortune 1000 companies such as a global hospitality company, Cisco, Kaiser Permanente, and from smaller companies such as Group 1001. They discussed the highs and lows of working with vendors, with a particular emphasis on the critical early stage of building a sales relationship with them. 

Countless products and services are available to support a company’s cybersecurity strategy, and more are introduced to the market all the time, so cutting through the noise is essential. Here are the top five tips from this year’s panel: 

  1. The major themes and trends on their minds in 2024… besides AI 

It is back to basics for CISOs in a lot of ways. Core concerns such as asset management, configurations, observability, visibility, detection and response capabilities, and the continuity risks driven by third-party dependencies are all top of mind. 

Equally pressing for CISOs is justifying their budgets to their board. It is understandable. Boards want to understand where budgets are going and why. Yet, vendors often neglect to articulate how they or their tools can help CISOs report on progress and metrics, leaving a door wide open for cybersecurity marketers to help. 

  1. Doubling down on the third-party risk conversation  

Third-party risk remains a complex issue with no easy answer. CISOs are not getting the level of detail they need upfront from their partners and solution providers, so a lot of due diligence is required. Significant time is being spent verifying certifications (SOC 1, SOC 2, etc.) are in order and assessing risk rankings. There is an opportunity for companies to provide that sort of scrutiny and situational awareness.  

The panelists doubled down on the concerns around third-party dependencies and supply chain risks. They emphasized that while vendors often focus on safeguarding individual companies, there’s a crucial need for greater dialogue surrounding cross-industry incident response, public-private partnerships, and the collective effort to create a safer society. 

  1. AI is the wild, wild west… offering both good and bad opportunities  

The reality is both the good and bad guys are using AI. Still, many of the CISOs were bullish on AI’s potential. Their challenge is simply that AI has become a ubiquitous marketing buzzword, often slapped onto new or existing solutions without substantial differentiation. 

The panelists urged vendors to shift the focus toward the solution itself. Rather than simply touting “AI-powered” features, they encouraged a more precise articulation of how these products can address specific business problems. 

  1. Board meetings need cybersecurity experience in the room 

When asked what they discuss with their boards, there were common questions: 

  • Are they secure?  
  • If there’s been a breach, what was the impact?  
  • Is the resiliency process enough?  

The problem? There’s not always a cybersecurity expert in the room. The panelists admitted this seems to be changing. That security is no longer just a tech geek conversation but a business problem that warrants attention at the highest levels of a business, especially now that the SEC is asking companies more complex questions about what they are doing to be responsible about their use of technology.  

  1. What is the best way to connect with a CISO?  

It might be easier to start with what doesn’t work – emails and phone calls right after a CISO or someone on their team has downloaded a whitepaper doesn’t work.  

What does work? Connecting on a personal level. CISOs are much more willing to have conversations if they’ve been introduced to a vendor at a smaller event or through their network. The panelists advised vendors to explain how you can help first and what you are selling second. In short, CISOs want to feel understood not like a target for your sales pipeline.  

A huge thank you to our incredible panelists Helen Patton, Christopher Kennedy, George DeCesare, and Gram Ludlow, and moderator Carl Wright, for their contributions!   

Leave a Reply

Your email address will not be published. Required fields are marked *