For some reason, it's an interview that really sticks out in my mind.
During a conversation on identifying priorities for limited InfoSec budgets, a CISO told me that his company nearly signed a DDoS mitigation contract for several hundred thousand dollars to help keep the organization's website up and running.
DDoS was a hot concern at the time, based on attacks in the news.
Shortly before the deal was inked, the organization determined there would be very little revenue actually lost if the company website was taken offline for a time by DDoS. It could expect more calls to customer service reps, yes, and perhaps some unhappy customers, but almost no lost revenue.
The spend could not be justified, and the money was shifted to a more relevant security priority. But it was a close call.
Scenarios like this point out the importance of the session Randy Raw is leading May 9th at SecureWorld Kansas City: "Are You Spending Your InfoSec Dollars in the Right Place?"
Randy is Director of Information Security at Veterans United Home Loans in Columbia, Missouri. He has 25 years of experience in both public entities and private industry, having built three Information Security programs from the ground up.
"This presentation will discuss how to evaluate whether you are increasing your security posture with your spending," he says.
And not just today's spend. He also will share how to evaluate your current security spending to make sure it is appropriate in your "future world," as he refers to it.
If you are in the Midwest, plan to join your peers at the 6th annual SecureWorld Kansas City conference at Overland Park Convention Center on May 9, 2018.
You can see the updated agenda, view attendee levels, and register for a powerful day of learning and networking focused on the future of cybersecurity and leadership.
The bad actors are collaborating, and this is a great way for the "good guys" to do the same thing in 15 cities across the U.S.