Three years after my last appearance in a conference due to COVID-19 lockdowns, I was invited to present to the 9th Information Security Conference in Greece. The conference theme was Enabling a Secure Future: Managing Risks in a Constantly Changing World. The conference was virtual / online and was held on the 17th of February, 2022.
Some months ago I participated in a discussion in The Inner Circle, a Cloud Security Alliance community when the subject of budgeting came up. I had written a blog post in 2019, on ways one can use to budget for security. I knew the data would have changed, but I did not know how much.
I decided to work on the "next version" of this blog post and deliver it at the conference as a presentation. Although the intention was to approach the concept of strategizing and budgeting as a whole, as the time available for the presentation was only 10 minutes, I decided to just focus on the budget and the investment choices.
The presentation, titled Is it time to rethink our investments? presents some data on how significantly did the security budget change in the last two years, and poses a couple of questions for CISOs, to reconsider if, with the new budgets and the changed threat landscape, their investments still make sense and are the best for their business.
Overall I enjoyed the research and preparation for the presentation, but I do not think I enjoyed the virtual / online mode. I believe I prefer the live events; although being an introvert, I expected the opposite to be the case.