3 Comments

Good article, although I don't agree with some parts. Time will tell ;)

Expand full comment
author

Tell me more - what are some parts that you can pinpoint as questionable?

Expand full comment

"The truth is that it’s hard to secure something that was never built with security in mind, and it’s even harder to do it within increasingly complex environments." - just need to assess it from different angles - like William Gibson did. I am not saying we should build ICE or other really offensive solutions but there are some options....

The CISO part - them being focused on top 3 priorities only - is mostly true. But I just started to see a few non-"checkbox CISOs". It doesn't mean they'll buy the vision (10% ready product) but means they are at least open to try other angles.

Also average deal size for startups (if not SaaS or product led) can go up to 100-150k. Seen it sometimes in our practice.

Otherwise, your article is spot on. As well as your book. I'll definitely re-read it before RSA :)

Expand full comment