Iowa
Technology
Summit
CYBERSECURITY TRACK
No Budget? No Problem!
APR. 7 / 1:20 PM - 2:20 PM / DEEP DIVE
About
Flat budgets are the new normal, but that doesn’t mean your cybersecurity program initiatives need to stall. In this session, I’ll introduce core financial concepts every cybersecurity leader should understand and, more importantly, how to sustain a resilient strategy while staying within your allotted budget—by managing spend with precision, leveraging vendor relationships, and negotiating smarter contracts.
We’ll begin with the importance of knowing your vendor ecosystem: who does what, how much you pay, and whether they’re coming through a VAR (value-added reseller). Understanding contract terms, renewal cycles, and how vendors invoice and get paid (monthly, quarterly, or as-a-service) reveals hidden leverage. We’ll also discuss payment terms like Net30 vs. Net60 and how that knowledge can help during negotiations. I’ll share how to track spend and maintain visibility using simple tools and disciplined practices that don’t require a CPA.
Next, we’ll explore the RFI/RFP process—not just as a procurement formality, but as a strategic tool to avoid vendor lock-in and create flexibility and leverage for you and your team. Timing is critical, especially when contemplating a “rip and replace” to demonstrate you’re not beholden to any one vendor while you use competition to your advantage. We’ll also examine how accounting methods—cost vs. accrual—affect procurement decisions and annual operating plans, and how aligning with finance teams can also unlock opportunities.
We’ll then dive into how to structure renewals on your terms, choose between one-year and multi-year contracts, and balance flexibility with commitment. Understanding how your vendor’s sales team is compensated can help you negotiate smarter and I’ll share tactics for identifying possible concessions, asking directly for what you need, and partnering with new entrants who may offer zero-cost “add-ons” or development opportunities in exchange for your engagement and feedback.
Finally, we’ll cover the importance of direct relationships with vendor leadership. I’ll share how to use those connections to secure early access, influence product direction, and get more value—without increasing your overall spend.
If you’ve ever been told “there’s no budget for that,” this session will show you how to turn that into an opportunity!
Takeaways
Attendees will leave with a repeatable framework to:
• Maximize value from existing vendors
• Negotiate smarter contracts
• Prioritize capabilities based on impact, not spend
• Build influence with vendors—even when budgets are flat
Speaker
Paul Suarez
VP & CISO
Casey's
A graduate of the US Air Force Academy, Paul Suarez served his entire 27-year Air Force career in the fields of cybersecurity and information technology. After his military retirement he worked in business development in the Washington, DC area for Netwitness, RSA Security and Avaya then as security engineering director at Walmart prior to becoming their CISO for Walmart International. He joined Casey’s, the country’s 3rd largest convenience store chain, in March 2021 as their very first Chief Information Security Officer. Paul serves on the Executive Advisory Board for Tenable (TENB), the cybersecurity Exposure Management company based in Columbia, Maryland.
Interested in Sponsorship Opportunities?
Amplify your brand, strengthen your marketing efforts, and connect with new audiences across Iowa’s technology community.
Join us as a sponsor:
Keep Up with Iowa Tech News
Subscribe to our monthly newsletter for updates on events, industry insights, and new ways to engage.
It’s the easiest way to stay connected to Iowa’s tech community.