

Budget Planning Guide 2025: Security And Risk - Jeff Pollard - BSW #368
Oct 15, 2024
Join Jeff Pollard, Vice President and Principal Analyst at Forrester Research, as he shares insights on navigating budget planning for security and risk in 2025. He discusses critical investment areas like software supply chain security and emphasizes the need for a risk-based approach to human risk management. The chat also touches on the importance of integrating security practices into overall business strategy, evolving pricing models for flexibility, and fostering a security-conscious culture amidst budget constraints. Dive into actionable strategies to enhance cyber resilience!
AI Snips
Key Investment Areas for 2025
- CISOs should focus investments on software supply chain and API security, human risk management, skills training, and IoT/OT threat detection.
- These areas address both technological vulnerabilities and human factors essential for risk mitigation.
Tailor Human Risk Training
- Use human risk management to target security training based on individual behavior risks.
- Avoid one-size-fits-all training to reduce workflow interruptions and improve effectiveness.
Cyber Ranges Enhance Skills
- Certifications alone do not adequately prepare cybersecurity personnel for real work environments.
- Cyber ranges provide practical simulations to build transferable investigative and operational skills.