Skip to content

How Can CISOs Create A Balanced Portfolio Of Cybersecurity Products?


We’re entering a world of deepening complexity when it comes to security for the modern enterprise. With companies integrating legacy data centers, manufacturing facilities, and networks with the cloud and the Internet of Things (IoT), all connecting to an uncontrollable mass of independently governed endpoints, CIOs and CISOs face a constant challenge of trying to decide what to protect and how to protect it.

Forbes writer, Dan Woods is writing a series of articles about building a cybersecurity portfolio. As quoted in the first article, "How CISOs Can Create A Balanced Portfolio Of Cybersecurity Products" he outlines his objective for this series: 

"This is the first article in a series on building the right cybersecurity portfolio for your business. This piece includes the first two steps (Determine Needs, Allocate Spending According to Risk) companies should take when creating that portfolio.

In my interviews, I heard frequently that even today, with our ever-increasing level of technological sophistication, most of the attacks that bring down companies are not novel or all that innovative. The same type of threats that have plagued companies for years still pose the greatest risks. Therefore, investing in products that help to thwart these problems is wise."

Jeff Williams, Contrast Security Co-founder and CTO, was intereviewed for the series:

“Known attacks are clearly the biggest problem, by far. All of the exploits that have happened, that you read about in the news, have been via known attack vectors.”

~ Jeff Williams
Co-founder and CTO
Contrast Security

Click here to read Dan's entire article that first appeared in Forbes.

New Call-to-action


Mark Hodgson, Vice President of Marketing

Mark Hodgson, Vice President of Marketing

Mark's extensive experience spans over 28 years in marketing high-tech products and services to consumers and corporations. Specific area of expertise is application security and mobile application security.