- Will it have the impact on our security program we hopped it would?
- Did we spend too much or not enough?
- How much money is enough?
- What the hell should i be spending it on that will make the biggest impact?
Is it wiser to invest in your people and the fundamentals or to invest in state-of-the-art laser cats with predictive AI powers? What is the right level of budget for your organization and how will you show improvements to the organizational security posture against the spend on the security program.
Vendors love money, and the love of money is the root of all evil.
- How do you know if your vendor is predatory?
- Does the product or service do what they claim?
- will you need to increase headcount to accommodate the tool or service?
- Could you get a better deal on this tool or service?
- Do I even need this tool in my portfolio or is there an existing tool that I can leverage better?