Sign up to save your podcasts
Or
Share Cybersecurity Excuses
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Cybersecurity Excuses
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-cybersecurity-excuses/)
"I've got all the security I need."
"I'm not a target for hackers."
These are just a few of the many rationalizations companies make when they're in denial of cyberthreats. Why are these excuses still prevalent and how should a cyberprofessional respond?
Check out this post by Ian Murphy, co-founder of LMNTRIX, for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest for this episode is Gary Hayslip (@ghayslip), CISO, Softbank Investment Advisers.
Thanks to this week's podcast sponsor, Varonis.
The most powerful way to find, protect, and monitor sensitive data at scale. Get total control over your unstructured data in the cloud and on-premises. See it in action in a live cyberattack simulation lab.
On this episode of Defense in Depth, you'll learn:
- Security professionals must endure an endless string of excuses to not improve a security program. On this episode, the ones we saw fall into four categories: "What I've got is good enough", "Denial", "False safety net", "Costs too much time/money".
- Never rest on what you've got today. Today's configuration is tomorrow's vulnerability. Security is a process, not an end state.
- There are always issues because humans are involved.
- Small companies may not have a huge payout, but their defenses are usually weaker making them an easy score. A bunch of small companies add up to a big one.
- If you have not invested well in a good security program, you are already breached and don't know it.
- As this show title explains, you can't rely on a single layer of defense (e.g., firewall) to protect you.
- No CISO is complaining they're spending too much on security.
- A great security partner is awesome, but you don't hand off your security to someone else. It's a shared responsibility.
- Don't rely on cyber insurance in the same way you don't leave your front door unlocked even though you've got home insurance.
View all episodes
By David Spark, Steve Zalewski, Geoff Belknap
4.8
7373 ratings
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-cybersecurity-excuses/)
"I've got all the security I need."
"I'm not a target for hackers."
These are just a few of the many rationalizations companies make when they're in denial of cyberthreats. Why are these excuses still prevalent and how should a cyberprofessional respond?
Check out this post by Ian Murphy, co-founder of LMNTRIX, for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest for this episode is Gary Hayslip (@ghayslip), CISO, Softbank Investment Advisers.
Thanks to this week's podcast sponsor, Varonis.
The most powerful way to find, protect, and monitor sensitive data at scale. Get total control over your unstructured data in the cloud and on-premises. See it in action in a live cyberattack simulation lab.
On this episode of Defense in Depth, you'll learn:
- Security professionals must endure an endless string of excuses to not improve a security program. On this episode, the ones we saw fall into four categories: "What I've got is good enough", "Denial", "False safety net", "Costs too much time/money".
- Never rest on what you've got today. Today's configuration is tomorrow's vulnerability. Security is a process, not an end state.
- There are always issues because humans are involved.
- Small companies may not have a huge payout, but their defenses are usually weaker making them an easy score. A bunch of small companies add up to a big one.
- If you have not invested well in a good security program, you are already breached and don't know it.
- As this show title explains, you can't rely on a single layer of defense (e.g., firewall) to protect you.
- No CISO is complaining they're spending too much on security.
- A great security partner is awesome, but you don't hand off your security to someone else. It's a shared responsibility.
- Don't rely on cyber insurance in the same way you don't leave your front door unlocked even though you've got home insurance.
More shows like Defense in Depth
View all
Hacked
186 Listeners
Security Now (Audio)
2,011 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
369 Listeners
Risky Business
372 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
CyberWire Daily
1,026 Listeners
Smashing Security
318 Listeners
Click Here
419 Listeners
Darknet Diaries
8,077 Listeners
Cybersecurity Today
176 Listeners
Hacking Humans
316 Listeners
CISO Series Podcast
195 Listeners
Cybersecurity Headlines
138 Listeners
Risky Bulletin
45 Listeners
Hacker And The Fed
167 Listeners