The Rise of the Cyber Industrial Complex
Malcolm declares the security industry is not to be trusted because it profits from insecurity.
00:23 Non-traditional beginnings to a CSO career.
02:02 The unusual role of a CSO in a vendor.
02:24 Security needs to crawl out from under IT because it touches every aspect of the business.
04:04 The security industry is not to be trusted because it has no economic incentive to solve the problem.
06:12 Business wants three main things: the risk managed, the cost lowered, and the friction controlled. CISOs need to be measured on that.
08:59 The rise of the cyber industrial complex: defense in depth has actually turned into expensive depth.
11:19 The cybersecurity industry is not economically motivated to solve the problem. We need to demand attribution to the controls that failed and hold the industry accountable.
13:27 The role of security in M&A processes: build the cost of remediation into the acquisition budget and this should be bidirectional.
16:24 Selling on fear is like eating junk food: short-term satisfaction, long-term ruin.
17:36 Please don’t ask me for my risk register.
20:21 If we focus on protecting our customers to the best of our ability, the result will be the limitation of liability.
23:36 We focus on the fact that technology done right can connect and enrich lives and can create social and economic benefit.
Malcolm Harkins Interview Transcript