As a CISO, one needs to have the clear understanding of the different technologies in the market and have the deep knowledge of the pros and cons of each solution. Once the business requirement arises, the business case is made to be approved from management and then the best solution amongst the various vendors is selected.
No technology OEM gives 100% guarantee on their security vendors.
Security is always a dynamic area. Every second day, there is a threat and importantly there is a solution to that. This is an ongoing process that keeps you on your toes and one needs to be geared up at all times.
Another important thing is the lack of good support mechanism from most of well-established international security vendors in India. They have good sales people pitching on product features etcetera which are useful to us. But when it comes to issues and typical problems, they don't have adequate local people as they depend on their headquarters staff outside India. This leads to a sufficient time lapse for an urgent issue wherein security is a highly dynamic area.
Source: Computerworld India
Sign up for CIO Asia eNewsletters.