"The truth is that it’s hard to secure something that was never built with security in mind, and it’s even harder to do it within increasingly complex environments." - just need to assess it from different angles - like William Gibson did. I am not saying we should build ICE or other really offensive solutions but there are some options....
The CISO part - them being focused on top 3 priorities only - is mostly true. But I just started to see a few non-"checkbox CISOs". It doesn't mean they'll buy the vision (10% ready product) but means they are at least open to try other angles.
Also average deal size for startups (if not SaaS or product led) can go up to 100-150k. Seen it sometimes in our practice.
Otherwise, your article is spot on. As well as your book. I'll definitely re-read it before RSA :)
Good article, although I don't agree with some parts. Time will tell ;)
"The truth is that it’s hard to secure something that was never built with security in mind, and it’s even harder to do it within increasingly complex environments." - just need to assess it from different angles - like William Gibson did. I am not saying we should build ICE or other really offensive solutions but there are some options....
The CISO part - them being focused on top 3 priorities only - is mostly true. But I just started to see a few non-"checkbox CISOs". It doesn't mean they'll buy the vision (10% ready product) but means they are at least open to try other angles.
Also average deal size for startups (if not SaaS or product led) can go up to 100-150k. Seen it sometimes in our practice.
Otherwise, your article is spot on. As well as your book. I'll definitely re-read it before RSA :)