All Articles

We heavily rely on references while taking a decision on adoption of a new technology or a product. However, there is no dedicated analysis of product leadership purely based on customer recommendation. From CISO Platform technology Analyst team, we are happy to announce the concept note for CISO Index which shall rate products purely based on CISO recommendation.

Why do we need a CISO/Customer recommendation based product/technology rating framework?

1. CISOs or the users can provide the most meaningful verdict for a product
2. With the whole world getting social, community recommendation should play bigger role in decision making
3. Currently there is no globally acknowledged framework solely based on CISO/Customer recommendation

To exercise your vote and provide your rating: Click here 

Proposed "CISO Platform Index"

The CISO Platform Index shall use a transparent methodology to compare the players in software, hardware, or services market so that the CISOs can make well-informed decisions. The CISO Platform Index offers two indices to compare:

1. CISO Perception Index (CPI) - Index developed based on the perception of CISOs about the vendor /Product on different evaluation metrics. i.e. by CISOs who have not used the product but have studied about it.
2. CISO Recommendation Index (CRI) - Index developed based on the recommendation by CISOs who used the vendor product on different evaluation metrics.

CISO Platform shall map the participating vendors into a map with two axes being CPI and CRI. After such analysis, we shall publish the following for various technology verticals (e.g. Data Security, Application Security Testing etc)

(Read more:  5 Best Practices to secure your Big Data Implementation)

Enterprise Segment

1. CISO Platform Champions: High CRI and High CPI
2. CISO Platform Challengers: One of the indices (CRI or CPI) is High and the other is moderate

SMB Segment

1. CISO Platform Champions: High CRI and High CPI
2. CISO Platform Challengers: One of the indices (CRI or CPI) is High and the other is moderate

To exercise your vote and provide your rating: Click here 

CISO Platform Index Methodology

The following steps will be executed for evaluating the vendors-:

Step 1- Collection of CRI Data: The Customers/Users of a product shall be requested to rate each product on a scale of 1 to 7 for the following parameters.

1. Overall Rating
2. Features
3. ROI/Price
4. Ease of Implementation
5. Support

Sample Likert Scale:

Step 2- Collection of CPI Data : The CISOs/Security Professionals shall be requested to rate a product of on a scale of 1 to 7 on how they perceive the product (overall rating). We will not ask granular information like that of CRI.

Step 3- Analysis of the Data:

• CPI Calculation for each Product: The Mean likert score for each vendor collected from participants who haven’t used vendor product but are aware of its pros and cons will be known as CPI (CISO Perception Index).
• CRI Calculation for each product: The Weighted Mean likert score for each vendor collected from participants who have a current/prior usage experience of the vendor product will be known as CRI (CISO Recommendation Index). We shall have the following weight age: Features (30%), Price/ROI (30%), Ease of Implementation (20%) and Support (20%)

Vendors shall be encouraged to come up with more references of their customers as this will help in analyzing them with more confidence. Also, we will be providing additional confidence rating to the vendors based on the number of references they provide. Any product with less than the cut-off number (10 references) for recommendation shall be eliminated from the analysis.

(Read more:   How Should a CISO choose the right Anti-Malware Technology?)

Mathematical Analysis

1. We will plot the graph for representing CRI vs. CPI.
2. We have defined a cut-off score of 4 (Neither satisfied nor dissatisfied) out of 7 (Extremely Satisfied) on likert scale for CPI and CRI.
3. The vendors which are scoring above the cut-off in CPI and CRI will be divided between the following two quadrants based on their CRI/CPI score-:

• Champions ( Those lying in the top-rightmost quadrant in the CPI vs. CRI graph)
• Challengers (Those lying in the bottom-rightmost quadrant in the CPI vs. CRI graph)

To exercise your vote and provide your rating: Click here  

Click here to view the discussion forum OR provide your feedback .

Rakshit Dhamija, CISO iGATE, sent us the beautiful graphics with "CISO Opinion matters". We simply loved it and decided to share it below.

To exercise your vote and provide your rating: Click here 

More:  Want to become a speaker and address the security community?  Click here