Defense in Depth Are Your Security Tools Creating More Work for Your Team?
Mar 12, 2026
Evan McHenry, CISO at Robinhood known for running security like an engineering function, talks vendor selection, three-year total cost of ownership, and operational tradeoffs of security tools. He covers delivery models, capacity planning, and matching tool complexity to team skills. The conversation stresses mapping workflows first and prioritizing high-signal tooling to avoid extra operational burden.
AI Snips
Chapters
Transcript
Episode notes
Tools Create Work By Revealing New Problems
- New security tools inherently create more work because they surface information that requires decisions and actions.
- Edward Contreras frames value against 2080 work hours per employee to judge if a tool's output justifies added effort.
Evaluate Tools With Three Year TCO Forecasts
- Use total cost of ownership over a three-year horizon to evaluate a security tool before purchase.
- Evan McHenry includes staff time, ROI, managed services, and support fees and sets year-1/2/3 success criteria to compare against forecasts.
Choose Vendors That Enable Direct Engineer Collaboration
- Prefer vendors that let your engineers work directly with their full-time engineers during setup.
- Evan says that direct engagement provides on-the-job training and reveals practical 'hacky' ways to manage the platform.