Subscribe: Comments on Jeremiah Grossman: Outsourcing and Top-Line Security Budget Justifica...
http://jeremiahgrossman.blogspot.com/feeds/4824717669789385033/comments/default
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
absolutely web  company  customers  dave  feel free  financial saas  great  heidi  jeremiah  sales  security  suspect strongest  web financial 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Comments on Jeremiah Grossman: Outsourcing and Top-Line Security Budget Justifica...

Comments on Jeremiah Grossman: Outsourcing and Top-Line Security Budget Justification





Updated: 2018-04-12T05:16:05.215-07:00

 



@Heidi, that is great, thank you for sharing. Very...

2009-09-08T13:35:20.484-07:00

@Heidi, that is great, thank you for sharing. Very interesting that they know enough to ask for a current pen-test report.



I won't mention our name on here, but if you h...

2009-09-08T13:10:14.273-07:00

I won't mention our name on here, but if you have more questions feel free to contact me directly.

Or, you could send them over to Ireland with Tom Brennan - I'm speaking at the same conference as him on Thursday here in Dublin!

Dave



Customers are asking first for certifications and ...

2009-09-08T11:37:17.184-07:00

Customers are asking first for certifications and associated paperwork (aka SAS-70, Cybertrust cert), second they ask for vuln test results within 3 months currency, third they usually hit us with a questionnaire that is a variant of PCI. That's about all the detail I can go into.



Talk about a security success story. Wow, well don...

2009-09-08T10:41:25.293-07:00

Talk about a security success story. Wow, well done! Feel free to name drop the company if you feel so inclined.



Hi Jeremiah, Not quite yet but with the effort we...

2009-09-08T10:21:43.963-07:00

Hi Jeremiah,

Not quite yet but with the effort we are putting into it I imagine we will see security effectively pay for itself through increased sales. Another one or two big clients who move to us for our security expertise and processes and that would definitely be true.

I don't have any hard facts for that yet but I will keep an eye on it.

Dave



@David that is great! So in many ways are you seei...

2009-09-08T10:16:47.184-07:00

@David that is great! So in many ways are you seeing security pay for itself with respect to increase in sales?



Hi Jeremiah We are seeing security increasingly u...

2009-09-07T08:59:11.927-07:00

Hi Jeremiah

We are seeing security increasingly used as a unique selling point for us as a company.

We are in the process of signing a major client who's reason for outsourcing is security/risk related. They came to our offices and spent more time questioning/chatting with the security team than any other area.

We find the fact that we have security (and development staff) involved in security projects such as OWASP and presenting at places like DEFCON a definite USP in our market space (payments BTW).

We are seeing more and more people actually not accepting PCI compliance as enough assurance anymore. They want to see how we address the common flaws in our market space (secure app development being right up there) in a way which shows expert level security knowledge and processes above and beyond a compliance standard.

In short, we invested heavily in security (even to the point that it is now a company value) because it not only keeps us in business but it clearly can win us business as well.

Dave



@Heidi, what types of security questions are custo...

2009-09-04T08:52:59.448-07:00

@Heidi, what types of security questions are customers asking? What assurances are they expecting? Whatever details you could provide would be quite helpful.



What she said. Suspect this is strongest in fin s...

2009-09-03T20:12:39.983-07:00

What she said. Suspect this is strongest in fin svcs and medical/pharma.



Absolutely. We're a Web financial SaaS provid...

2009-09-03T20:04:48.862-07:00

Absolutely. We're a Web financial SaaS provider and we're very much under the audit microscope from prospective and current customers. Good security means faster sales.... I've got testimonials from the sales team to prove it.