Australian security newcomer SiegeWorks will focus on teaching IT executives how to 'sell' security to board-level executives.
The goal is to ensure IT managers walk away from the boardroom with fatter IT security budgets that have a solid ROI.
SiegeWorks CEO Raj Raghavan says security should fit with a business process.
However, there is still some boardroom confusion, he said, around the difference between security for operational, tactical and strategic purposes.
"C-level executives see everything as simply 'security' and vendors know this which is why they go for the 'fear of the unknown'," Raghavan said.
But even if the IT security budget triples increasing from $1 million to $3 million, it doesn't mean a company is three times more secure, he said.
"Enterprises want a risk management profile and want to see some kind of a map that tells them where they are on a scale of one to 10. No company can be a 10 out of 10, but if they can make it to a five you have a good business case for security spending," Raghavan said.
"IT managers want something that proves to the boss that their company will get hacked if they don't follow specific steps, then they get the budget.
"Security to some organizations [means] just something that can be put in a rack - what they really need is specific training and education for staff."