Why we need a 'user opinion' based product rating framework ?

We heavily rely on references while taking a decision on adoption of a new technology or a product. However, there is no dedicated analysis of product leadership purely based on customer recommendation. From CISO Platform technology Analyst team, we are happy to announce the concept note for CISO Index which shall rate products purely based on CISO recommendation.

Why do we need a CISO/Customer recommendation based product/technology rating framework?

• CISOs or the users can provide the most meaningful verdict for a product
• With the whole world getting social, community recommendation should play bigger role in decision making

Currently there is no globally acknowledged framework solely based on CISO/Customer recommendation

What is Ciso Recommendation Index (CRI) ?

Proposed "CISO Platform Index"

The CISO Platform Index shall use a transparent methodology to compare the players in software, hardware, or services market so that the CISOs can make well-informed decisions. The CISO Platform Index offers two indices to compare:

• CISO Perception Index (CPI) - Index developed based on the perception of CISOs about the vendor /Product on different evaluation metrics. i.e. by CISOs who have not used the product but have studied about it.
• CISO Recommendation Index (CRI) - Index developed based on the recommendation by CISOs who used the vendor product on different evaluation metrics.

CISO Platform shall map the participating vendors into a map with two axes being CPI and CRI. After such analysis, we shall publish the following for various technology verticals (e.g. Data Security, Application Security Testing etc)

Enterprise Segment

• CISO Platform Champions: High CRI and High CPI
• CISO Platform Challengers: One of the indices (CRI or CPI) is High and the other is moderate

SMB Segment

• CISO Platform Champions: High CRI and High CPI
• CISO Platform Challengers: One of the indices (CRI or CPI) is High and the other is moderate

...read more on CRI

What is the CRI Methodology?

The following steps will be executed for evaluating the vendors-:

Step 1- Collection of CRI Data: The Customers/Users of a product shall be requested to rate each product on a scale of 1 to 7 for the following parameters.

• Overall Rating
• Features
• ROI/Price
• Ease of Implementation
• Support

Step 2- Collection of CPI Data : The CISOs/Security Professionals shall be requested to rate a product of on a scale of 1 to 7 on how they perceive the product (overall rating). We will not ask granular information like that of CRI.

Step 3- Analysis of the Data:

• CPI Calculation for each Product: The Mean likert score for each vendor collected from participants who haven’t used vendor product but are aware of its pros and cons will be known as CPI (CISO Perception Index).
• CRI Calculation for each product: The Weighted Mean likert score for each vendor collected from participants who have a current/prior usage experience of the vendor product will be known as CRI (CISO Recommendation Index). We shall have the following weight age: Features (30%), Price/ROI (30%), Ease of Implementation (20%) and Support (20%) 
  
  

Rating in Detail - 

1. We will plot the graph for representing CRI vs. CPI.
2. We have defined a cut-off score of 4 (Neither satisfied nor dissatisfied) out of 7 (Extremely Satisfied) on likert scale for CPI and CRI.
3. The vendors which are scoring above the cut-off in CPI and CRI will be divided between the following two quadrants based on their CRI/CPI score-:

• Champions ( Those lying in the top-rightmost quadrant in the CPI vs. CRI graph)
• Challengers (Those lying in the bottom-rightmost quadrant in the CPI vs. CRI graph)

Maths behind Cri

1. We will plot the graph for representing CRI vs. CPI.
2. We have defined a cut-off score of 4 (Neither satisfied nor dissatisfied) out of 7 (Extremely Satisfied) on likert scale for CPI and CRI.
3. The vendors which are scoring above the cut-off in CPI and CRI will be divided between the following two quadrants based on their CRI/CPI score-:

• Champions ( Those lying in the top-rightmost quadrant in the CPI vs. CRI graph)
• Challengers (Those lying in the bottom-rightmost quadrant in the CPI vs. CRI graph)

Why should you rate the Product You Used?

A CISO's review on the security product he used is one of the most useful resource. He has looked looked through the nooks and crooks while various stages of pre, post and intermediate implementation cycle. 

• Know what to expect before going to the vendor
• Choose the right product based on your needs
• Build a market which understands your needs better
• Quick qualifying vendors

How should a Vendor Participate? 

It is obvious victory to be a cisoplatform challenger in a framework absolutely based on your user recommendation i.e. CISOs. It will also add value to what is the need of the CISO and to what extend you can cater to that. Higher analysis will help create product of purpose and thus also suffice your company objectives.

• Find the expectation mismatch of your product i.e. Do a reality check
• A demarcated winner where nothing but the users vote for your position
• Help in creating product of purpose i.e. what a CISO needs

Vendors shall be encouraged to come up with more references of their customers as this will help in analyzing them with more confidence. Also, we will be providing additional confidence rating to the vendors based on the number of references they provide. Any product with less than the cut-off number (10 references) for recommendation shall be eliminated from the analysis.

• For any enquiries or questions email

Vote for CRI

The Top 100 CISO Award Winners will be chosen by the expert panel of 5 jury members and will be based on the information submitted by the nominees via online form submission or through email. The panel of judges selected, each represent a different segment of industry and bring to the forum their extensive knowledge and experience. The jury’s judgment will be considered as final.

Step1: Please exercise your vote online here : Please Click Here to Vote

Step2: Please fill the online form or download the offline form & send back the filled in form to

Let the world know. Share with the world

CISO Opinion Matters. We use it, we know it, thus we rate it. Let your peers know, how the security community is voicing their opinion. Just a click to "Which Product Should I Use". Know your security product even before you've used it, know what other CISOs said.   

• CISO Platform Index .. First framework to evaluate products based solely on CISO recommendation