What is your most immediate concern right now as an IT leader?

Security & GRC Culture & Values

Security29%

Business continuity44%

Operational inefficiencies14%

People and team dynamics11%

Other (comment below)

265 PARTICIPANTS

2.2k views1 Upvote2 Comments

Sort by:

vChief Information Security Officer in Software4 years ago

As an Information Security professional, you would think that security would be my highest priority but it is not. Surprised? Let me explain.

Security measures need to be as transparent as possible to my users. The more transparent the more likely my users will comply with then rather than try to circumvent them. That is why I'm concerned with operational inefficiencies. An inefficient process is one that is likely to irritate my users to the point where they seek a "better" way of working. This "better" way is probably going to circumvent my controls. I don't want that. I want my users to stay between the lines and operate within the approved process. I'm willing to be flexible on how I configure my security controls so that I don't introduce operational inefficiencies. It doesn't matter how good my controls are if my users look for ways around them just to get their job done.

Director in Finance (non-banking)5 years ago

Ensuring that we are adding value and enabling the business

Content you might like

What are the fundamental leadership capabilities that are needed for an era of exponential technology and AI innovation?

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Which of these areas are you targeting for funding increases in your 2026 cybersecurity budget? (Choose all applicable)

Threat detection & response 51%

Identity & access management 60%

Cloud security 47%

Security awareness training 28%

Other 2%

N/A

View Results

Has anyone drafted an SOW for a cloud-based SIEM with setup, migration, and maintenance? I’m working on a FedRAMP-authorized SIEM SOW, migrating from on-prem Splunk, covering data, searches, alerts, dashboards, and models. Scope includes Environment Setup: Cloud provisioning, configuration, testing. Connectors/Parsers: Custom data source integration. Content Development: Rules, use cases, threat feeds. Performance Tuning: Query/index optimization. Runbooks: Operational procedures. Also required: 24x7 support, maintenance, lifecycle and application management, role-based training, and documentation. Must comply with NIST SP 800-53, CJIS, and FedRAMP Moderate+. Goal: Secure, scalable SIEM for rapid deployment. I may be missing elements, so suggestions are welcome. Please share redacted SOWs or tips if possible.

Which digital contract lifecycle management tool is your organization leveraging?

Agiloft7%

Conga23%

DocuSign CLM (SpringCM)38%

Apttus6%

Ironclad4%

Coupa (Exari)4%

Other (discuss below)16%

View Results

What is your most immediate concern right now as an IT leader?

Sort by:

Content you might like

What are the fundamental leadership capabilities that are needed for an era of exponential technology and AI innovation?

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Which of these areas are you targeting for funding increases in your 2026 cybersecurity budget? (Choose all applicable)

Which digital contract lifecycle management tool is your organization leveraging?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go