Discovery Questions Flashcards
Environment
Which public cloud platforms do you use? Have you gone multi-cloud? Do you secure your clouds with different tools for each cloud?
Do you use a CWPP? A CSPM? If so, can you tell us which vendor(s)?
Security Related
Have you experienced a significant security incident? If yes, when/what happened? Were there negative consequences?
Do you feel like you have some security blind spots across your cloud environment? Do you have visibility into all your AWS, GCP, and Azure cloud assets?
Does your current cloud security approach provide a prioritized view of risk?
Sizing
Which cloud services does your organization consume?
About how many cloud assets do you have on your public cloud platform(s) today?
What is the average number of actionable alerts that you receive on a daily basis?
Approximately how many cloud assets such as VMs, containers, and datastores are deployed across your public cloud platform(s) today?
Confidence/Reporting
How would you rate your business’s risk posture?
Are you able to effectively communicate the status and progress of your cloud security program to key stakeholders?
Do you feel overwhelmed by the number of vulnerabilities you are asked to patch and other security issues that need to be remediated? Does your team suffer from alert fatigue?
Do you spend time on cumbersome or repetitive tasks during remediation efforts?
Compliance
Is your company a regulated business? What compliance standards or frameworks do you need to adhere to? (CIS? PCI-DSS? ISO-27001, SOC2, GDPR? etc.)
Which compliance mandates or industry standards are important to you?
Best Practices
What is your current approach to cloud security? Do you run this in-house or with a third-party provider?
Describe your current cloud security infrastructure. Do you have any notable gaps?
What is and what is not working with your current cloud security solution(s)?
Do you find your current cloud security tools easy to install and use?
Influencer: IT Ops Manager (Champion)
Cares about: Effective use of time
Focus on their timing and fixes - how frustrating it can be to patch something that isn’t prioritized in real-time while a legitimate threat is allowed to remain.
Influencer: Security Analyst (Champion)
Cares about: Getting the data they need
Focus on ‘no more Excel spreadsheets’, ease of use, minimal transition effort from previous tools, and integration with their existing security tools and ticketing systems.
Champion: Director of Security (Buyer)
Cares about: Solid communication
Focus on the communication and flow of the security department’s various teams, time and team culture between the Analyst and IT Operations Managers, and ability to report to the CISO.
Buyer: CISO
Cares about: Reporting to the board
Focus on reporting to the board via risk meters (red, yellow, green) and clear numbers which make it easy for top execs to understand.
What is your cloud footprint today? AWS / GCP / Azure?
a. % in each?
b. Are you still in physical data centers as well? - If so, are you looking to migrate to the full cloud? Please explain.
Target pain. What are you trying to solve?
What is important for us to discuss? Is it alert fatigue, is it vulnerability management, M&A pain… etc.
What security tools/solutions do you have in place today?
If the customer doesn’t feel comfortable sharing vendor name would love to get an idea of if vuln scanners or agents or CSPM, etc