I Wish I Didn't Post That... But I'm Glad I Did

I Wish I Didn't Post That... But I'm Glad I Did

September 25, 2018

CISO | Security Vendor Relationship Series

This week's podcast episode

I Wish I Didn't Post That... But I'm Glad I Did

I Wish I Didn't Post That... But I'm Glad I Did

What you'll learn:

On this week's podcast, co-host Mike Johnson, CISO, Lyft, and Mike D. Kail, CTO of Everest.org discuss the following:

  • Should CISOs hold vendor office hours or engage in vendor speed dates? We talked about Allan Alford, CISO of Mitel and former guest on the show, and his announcement that he was going to reserve two hours a week to talk to CISOs. While Mike Johnson and our guest applaud Allan's effort, it's not for them, but they agree that they're willing to shake up their discovery process of vendors.

  • Live your life online as you do offline. That has been Mike D. Kail's philosophy as he doesn't want to remember if he said something "in real life" or online.

  • Something stupid online can change your viewpoint. Mike Johnson admits to an early LinkedIn post he wrote about security vendors that he initially regretted. The post caused an uproar among security vendors who called Mike out on the post. Upon reflection of the feedback it's actually changed a lot of his thinking about security vendors. 

  • We play a round of "What's Worse?!" This may be the toughest round we've ever played. I presented two scenarios of bad security policies that drove a split decision between Mike Johnson and our guest.

  • Don't put obvious stuff in your pitch. Mike and Mike dissect a pitch from a listener. One of their greatest concerns with the pitch is that it includes a lot of obvious information relevant to the product that's being pitched. A pitch shouldn't describe how all products in your category work, it should explain how yours is differentiated by all the other products in your category.

  • Bringing in a consultative reseller adds another education layer. Mike D. Kail doesn't work with resellers because it just becomes yet another entity he has to educate about his architecture. Instead, he'd rather own that knowledge and educate just vendors, not vendors AND resellers. 

    This episode is sponsored by Thinkst, makers of Canary deception devices. Read how much their customers love their product here. We thank Thinkst for sponsoring this episode of the podcast.

    This week's video for the CISO/Security Vendor Relationship Series

    Best Responses to "One CISO's Grand Experiment to Engage with Security Vendors"

    One CISO's Grand Experiment to Engage with Security Vendors

    Shocked would be an understatement said one security vendor of Allan Alford's announcement that he was going to reserve two hours a week to meet with security vendors. We talked about this on this week's podcast and the community weighed in on the announcement as well. This video highlights my favorite LinkedIn comments about the piece.

    CISO/Security Vendor Relationship Roundtable Webinar

    They came.They discussed.NOBODY GOT HURT!

    CISO/Security Vendor Relationship Roundtable Webinar

    Yesterday we held the CISO/Security Vendor Relationship Roundtable, and it was a huge success.We discussed the following topics:

    • What’s so difficult about buying/selling security products?

    • How and when do you trust a security vendor?

    • When does a vendor become a partner?

    • Does the traditional culture of sales not work with security products?

    • Does fear sell even though CISOs hate it?

    With the following panelists:

    • Tyson A. Martin, CISO of Orvis

    • Alex Wood, CISO, Pulte Mortgage

    • Rick McElroy, Head of Security Strategy, Carbon Black, Inc.,

    • Filip Kaliszan, CEO, Verkada

    Bummed you missed it? Don't worry. We've got the one hour discussion available on demand.

    SUBSCRIBE TO THE PODCAST

    Got a podcast catcher? Search for "CISO" and chances are you'll find the CISO/Security Vendor Relationship Podcast. If it doesn't come up, go ahead and click on any of these links to subscribe to the feed.

    If you're already a subscriber, THANK YOU! If you like the show, please tell all your friends on social media and write a review on iTunes.

    Sponsor the podcast or the series!

    Very soon the CISO/Security Vendor Relationship Series and podcast will be moving to its very own home. You'll see more articles, videos, an ebook, and a webinar. We've been extremely fortunate to have a number of vendors eager to sponsor the podcast and the series.

    If you'd like to sponsor the podcast or the full series please reply to this email or connect with me on LinkedIn.