What questions should a new security leader ask before starting the journey of vendor consolidation?
Sort By:
Oldest
CISO in Finance (non-banking)7 months ago
The "why" is broad but important. Are you addressing gaps in security? Are you adding value to the overall security? Are you going to be addressing everything that you have, or are you going to be leaving any holes because of this? All of these factors must go into the decision-making process. Even if saving money is the primary goal, you still have to consider the extra things that go into it, such as the teams that have to work on implementation and the potential need for integration with other tools. The value of saving money alone is not enough to push something. Other questions must be answered as well.Director of IT in Healthcare and Biotech7 months ago
The first question that should be asked is "why?" Why would they want to consider doing this in the first place? This question will be revealing and there's something substantial behind that answer. If their response is along the lines of "it sounds like a cool idea", that's probably the wrong answer.If the consolidation is purely from a cost perspective, it may not be the best step forward to keep your costs down. You can approach vendors and make them compete against each other to reduce your costs. So, the first question should be, "Why do you even want to consider doing this?" Once you have that answer in detail, then you can start to peel that apart and figure out if this is something you should do or not.
Director of Information Security in Services (non-Government)7 months ago
Additional questions could be related to your business case and compliance requirements. Will this consolidation help solve these? There must be more discussions and risk assessments around just going with the best quote.