What's the most overrated security product buzzword?

Security & GRCThreat & Vulnerability Management

Perimeterless13%

Zero-trust50%

Predictive16%

AI14%

Zero day5%

765 PARTICIPANTS
4k viewscircle icon1 Upvotecircle icon1 Comment
Sort by:
Senior Director, Defense Programs in Software4 years ago

Single pane of glass.

Lightbulb on3

Content you might like

Who does your GRC Team (Governance, Risk and Compliance) report to?

CIO28%

CTO23%

CISO26%

COO8%

CFO5%

CEO5%

None of the above2%

View Results

‘AI’ Business Model – With many components flowing into the AI domain (cost, data, E&C, people, value, strategy, duplication of everything, etc.), I’ve started to think about splitting out ‘AI’ from the operating model and putting it into a separate legal entity. This way, I could manage a) risk and compliance, b) cost, c) resource allocation, d) governance, e) IP, f) revenue generation, etc.

Of course, this isn’t new in general, but I’m especially interested in how this approach could help with the ongoing challenge of ensuring compliance with data privacy and regulations related to LLMs and data access/usage over time.

My question: Is anyone else thinking about this, or has anyone already done it? I know there are examples in the literature, but I wanted to float this here for general comments and discussion.

Read More Comments

Have you implemented a solution/platform to monitor API transaction logic for anomalies (to detect API abuse)?

Yes 29%

Currently implementing API abuse detection 29%

Planning to implement — still evaluating solutions 25%

No 17%

Other

View Results

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Read More Comments

Has anyone drafted an SOW for a cloud-based SIEM with setup, migration, and maintenance? I’m working on a FedRAMP-authorized SIEM SOW, migrating from on-prem Splunk, covering data, searches, alerts, dashboards, and models.  Scope includes Environment Setup:  Cloud provisioning, configuration, testing. Connectors/Parsers: Custom data source integration. Content Development: Rules, use cases, threat feeds. Performance Tuning: Query/index optimization. Runbooks: Operational procedures. Also required: 24x7 support, maintenance, lifecycle and application management, role-based training, and documentation.  Must comply with NIST SP 800-53, CJIS, and FedRAMP Moderate+. Goal: Secure, scalable SIEM for rapid deployment. I may be missing elements, so suggestions are welcome. Please share redacted SOWs or tips if possible.

What's the most overrated security product buzzword? | Gartner Peer Community