Terry Grogan found herself in a situation familiar to many security leaders. She was working at an organization going through a major tech initiative with big security implications put on an understaffed department.
As a result, Grogan needed to implement new, more advanced network monitoring capabilities.
She found an exemplary partner: a vendor who laid out a plan to pilot its solution at no charge for three months to determine the hospital’s biggest gaps and whether the solution could close them.
“We were able to see how this product not only solved problems we thought we had, but helped bring efficiencies we didn’t even know we could get,” Grogan says.
Grogan was impressed and inked a long-term deal with the vendor.
Grogan’s decision to finalize a contract with that vendor wasn’t based solely on its solution’s capabilities.
Of course, she wants the products she buys to work, but it was the vendor’s ability to work with the hospital, fit its solution into the hospital’s technology stack and advise Grogan on the best security strategy moving forward that really distinguished it.
“I absolutely need a vendor who is a partner; there’s almost no exception to that need,” says Grogan, now CISO for Pixel Health. “You used to be able to buy something, like an antivirus, have them install it and leave. Now security is so complex and touches so much and overlays all of the infrastructure and changes so quickly that you need a vendor who is an advisor.”
CISOs have always relied on vendors to provide them with the tools they need to secure the enterprise; there aren’t many homegrown solutions in a typical enterprise security operation. But CISOs also have a choice of vendors, and given their limited time and budget, as well as the ever increasing importance of the work they do, they’re becoming more selective and discerning about which vendors they engage.
This isn’t just about trimming the number of vendors they use, though Gartner, the tech research and advisory firm, lists vendor consolidation as one of the top trends in enterprise security for 2021 and notes that “most organizations recognize vendor consolidation as an avenue for reduced costs and better security.” Ultimately, CISOs want to ensure that the select vendors they use are delivering both quality solutions and the value-adds they seek so that their security teams can perform at a higher level.
Original article source was posted here