John Santana
Podcast Appearances
So developing what those minimum standards are and looking to enforce that across the board. And then from there, right, developing that portfolio level monitoring. So in our case, right, we use a common assessment framework. We're big fans of 405D over here.
assessing each portfolio company to get a handle on the relative maturity of each organization, and then really going deeper than that and developing tailored recommendations, that tailored roadmap to better improve the cybersecurity maturity commensurate with each unique organization.
Yeah, this is a fun one, right? No two firms are the same as far as how centralized or decentralized they are. I mean, a lot of it does come down to personal preference. And I've seen both work out pretty well, but some things that I would encourage would be collaboration and resource sharing, where it makes sense, between the Portco security leadership.
So we see this all the time where all the CEOs get together and all the CFOs get together. Well, do the same thing with the CISOs and the security managers and your security leadership across the portfolio. Chances are they're dealing with at least one or many of the same compliance and technical pain points, right? Maybe one portfolio company just upgraded all of their Microsoft licensing.
Another one still needs to do that, and they can help do some resource sharing there. Maybe one portfolio company is really emblematic of a specific best practice, right? Maybe one just has their DLP program, the Data Protection Loss Prevention Program, just absolutely nailed, and they have full enterprise DLP. Well, share those best practices with the rest of the class, right?
So I would encourage a semi-regular meeting of those security leaders where they can bounce ideas off one another and share in the glory, share in the pain, and ultimately win, work together. And there's other efficiencies that can be unlocked there too, Scott. So there's all kinds of potential cost savings that could be realized through vendor consolidation and vendor sharing.
I'm not saying put everybody on the same tenant, but perhaps looking at that bulk pricing on certain services or, you know, some of those things that I mentioned that everybody needs to do, right? There's some potential cost saving opportunities there by finding the right vendor.