CISO Tradecraft® #266 - Why CISOs Miss The Next Big Security Challenge (with Richard Stiennon)
18 snips
Jan 5, 2026 
In this discussion, Richard Stiennon, an industry analyst and founder of IT Harvest, sheds light on the overwhelming challenges CISOs face amidst a rapidly evolving cybersecurity landscape. He explains how AI is accelerating vendor sprawl and complicating threat detection. Richard advocates for the use of peer networks and threat actor insights to better identify emerging risks. With nearly 4,000 vendors, he emphasizes the need for a strategic approach to vendor research and the importance of collecting proprietary data to outsmart the competition.
AI Snips
Chapters
Books
Transcript
Episode notes
From Spreadsheet To Industry Platform
- Richard Stiennon described building IT Harvest from a spreadsheet into a SaaS platform tracking thousands of vendors.
- He hired a college freshman CTO to replace the spreadsheet and scale the research into a searchable product.
From 32 Vendors To Thousands
- G Mark Hardy recalled tracking every cybersecurity vendor at an early conference and finding only 32 companies.
- He contrasted that with today's roughly 4,000 vendors to highlight industry growth.
Vendor Churn Erases Industry Memory
- About 300–400 acquisitions happen each year and roughly 160–200 vendors disappear, making the vendor landscape highly volatile.
- This churn erases institutional memory and hides repeating failures and lessons for new startups.
