At what stage of your engagement do you sign an NDA with a vendor you are evaluating? Day 1? POC? Never?

3.9k views1 Upvote6 Comments

Sort by:

Executive Vice President, Chief Digital Officer & Head of Cybersecurity in IT Services2 years ago

It is signed on the day when you are asked to share any information.

Chief Information Officer in Education2 years ago

It depends.

If we are doing something proprietary or a new competitive business initiative then on day 1.

If we are doing something more in the I&O space then at POC.

VP of IT2 years ago

Before sharing any information about the company, it could be on Day 1, POC, contracting, or before implementation. But it must precede sharing any information about the technology or security stack of my company.

Director of Network Transformation2 years ago

When the talks get serious about the tech. Or there is a confidential use case. But never day 1.

CIO in Hardware2 years ago

The day I start having business discussions.. It could be just after the first meeting..

Content you might like

Has anyone drafted an SOW for a cloud-based SIEM with setup, migration, and maintenance? I’m working on a FedRAMP-authorized SIEM SOW, migrating from on-prem Splunk, covering data, searches, alerts, dashboards, and models. Scope includes Environment Setup: Cloud provisioning, configuration, testing. Connectors/Parsers: Custom data source integration. Content Development: Rules, use cases, threat feeds. Performance Tuning: Query/index optimization. Runbooks: Operational procedures. Also required: 24x7 support, maintenance, lifecycle and application management, role-based training, and documentation. Must comply with NIST SP 800-53, CJIS, and FedRAMP Moderate+. Goal: Secure, scalable SIEM for rapid deployment. I may be missing elements, so suggestions are welcome. Please share redacted SOWs or tips if possible.

Is security training at your organization personalized to the employees?

Yes45%

Somewhat39%

No15%

View Results

What is stopping your company from automating your accounts receivable process?

Unsure what technology is available17%

Unsure we could implement it32%

Resistance to change39%

It could negatively impact customers23%

People could lose jobs18%

Our AR process is too complicated15%

Cost18%

Nothing, we have already automated our accounts receivable14%

View Results

How are you currently managing SIEM costs? Have you found effective ways to actually reduce storage costs for your SIEM?

With AI adoption accelerating across enterprises, what do you view as the top information security challenge that leaders should address? How can CISOs, VPs and Director’s align governance, risk and security investments to enable AI innovation without creating new exposures?

At what stage of your engagement do you sign an NDA with a vendor you are evaluating? Day 1? POC? Never?

Sort by:

Content you might like

Is security training at your organization personalized to the employees?

What is stopping your company from automating your accounts receivable process?

How are you currently managing SIEM costs? Have you found effective ways to actually reduce storage costs for your SIEM?

With AI adoption accelerating across enterprises, what do you view as the top information security challenge that leaders should address? How can CISOs, VPs and Director’s align governance, risk and security investments to enable AI innovation without creating new exposures?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go