Balance Budget and Tools by Rationalizing Your Security Stack


Manage episode 281769547 series 2643387
By Steve Moore, Exabeam and Steve Moore. Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio is streamed directly from their servers. Hit the Subscribe button to track updates in Player FM, or paste the feed URL into other podcast apps.

Gorka Sadowski, the CSO of Exabeam, joins us on this episode to speak about his decades of experience in cybersecurity and what he’s learned about acquiring new technology.

Gorka’s Journey

Although Gorka became Chief Strategy Officer for Exabeam only three months ago, he has over 30 years of experience in cybersecurity. Gorka has learned many valuable lessons along the way, especially during his time at Gartner, the global IT service management company.

Each year, Gorka spoke to over 600-700 clients and vendors about their successes and failures. Although rigorous, the beauty of this is that by speaking to many different clients, he was able to recognize patterns on what works and what does not. Both vendors and clients benefit from these conversations. Newfound knowledge emerges, which is then studied in a more formal setting and is later published as research by Gartner.

Non- Gartner research then compliments what is learned in the conversations of Gartner clients and vendors.

The Pitch Problem

One of the biggest issues that Gorka has identified is a misalignment with expectations of a product and the value proposition it’s supposed to fill. He feels that vendors oftentimes like to take liberties on pitch of their products and sometimes, the readers of the pitch can get caught up in wishful thinking.

As someone who has spoken with both sides of this problem, Gorka feels it’s best to begin with why—why does someone need your tool? Then work your way through the how and the what. He discusses Toyota and their message as an example of the why aligns with the what. Listen to the episode to hear more on what Gorka means by this.

Building Trust

There are no shortages of huge claims or startups that promise everything. The CISO or the client organization need to learn how to pierce through the veil and filter the messaging they receive, and they need to do so diligently.

Gorka advises vendors to build trust by being consistent and have the humility to admit when your technology cannot accomplish what the client wants. Ultimately, this will help you. It takes time to build trust, which Gorka reminds us, is not a binary quantity. Growing trust occurs with baby steps. Ultimately, things don’t have to be perfect for things to be great.

What Covid Revealed

Gorka believes that Covid revealed that many companies are using outdated or underutilized technology. But the pandemic also brought out the need to take stock of what a company has and question if it needs to be changed, updated, or encouraged. If you realize there is some old technology that isn’t useful anymore, you benefit from not just getting rid of it, but from saving yourself the cost of maintenance. This will free up your budget for new technology.

The CISO and the Vendor

Many times, the CISO is—and should be—skeptical. Gorka believes you need a healthy dose of reality so that you can understand the factors at play and to avoid being burned. By the time someone reaches the position of CISO, they can “smell the BS,” as they know how to pay attention to body language and asking the qualifying questions.

Gorka also stresses the importance of the CISO creating an engaged process to buy new technology. He encourages CISOs to bring in many people and get more of the company involved. Listen to the episode to hear more of his thoughts on this.

The Why, the How, and the What

Gorka gives advice for the pitch itself. He iterates that the vendor and the client have to both understand why the tool is needed, in addition to how one can operationalize this tool. The organization must clearly see how they can embrace and implement this new tool.

It’s important to follow up with the specific question of what value can this specific company get out of this tool? Why is it good for them specifically? Gorka emphasizes how the company should have a checklist of what value they want out of the tool before the meeting with the vendor. They must understand what value they are seeking, and how this fits into their budget ad mission. Listen to the episode to hear more about what both the client and vendor should do before and during the meeting.


Gorka believes that the new CISO needs a good balance of preventative measures and the humble acknowledgement that things sometimes do happen. In addition, the CISO must pay attention to how the organization as a whole looks at threat detection, investigation and response, particularly utilizing analytics to help aid in the work. Listen to the episode to hear more on Gorka’s thoughts of an analytics driven, automated cyber security team.


New CISO Podcast

Gorka Sadowski - LinkedIn

62 episodes