Sign up to save your podcasts
Or
Share Do You Know the Secret Cybersecurity Handshake?
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Do You Know the Secret Cybersecurity Handshake?
Direct link for episode on blog (https://cisoseries.com/do-you-know-the-secret-cybersecurity-handshake/)
We get the feeling that as we're adding more solutions and requiring more certificates, we're just making the problem of security harder and harder. Has the problem of not enough talent become an issue that we created? We discuss that and more on this week's episode of CISO/Security Vendor Relationship Podcast.
This show, like all the previous ones is hosted by me, David Spark (@dspark), founder of Spark Media Solutions and Mike Johnson. Our guest this week is Taylor Lehmann (@BostonCyberGuy), CISO, Wellforce.
Thanks to this week's sponsor, Chronicle, makers of Backstory
Chronicle’s Backstory is a global security telemetry platform for investigation and threat hunting within your enterprise network. Backstory makes security analytics instant, easy, and cost-effective. Backstory is a specialized, cloud-native security analytics system, built on the core infrastructure that powers Google itself.
On this week's episode
How CISOs are digesting the latest security news
The Hill reports, "A Democrat on the House Intelligence Committee introduced a bill on Wednesday that would require publicly traded companies to disclose to investors whether any members of their board of directors have cybersecurity expertise."
The Cybersecurity Disclosure Act of 2019, would require the SEC to issue a new set of rules requiring U.S. companies to tell their investors whether they have someone who has cyber expertise on their board. If they don't, they must explain to their investors why this is the case."
Will such a measure pass and if not, what is the best action here to insure some level of cybersecurity confidence?
Why is everybody talking about this now?
On a recent episode of the podcast we talked about swapping out the word "security" for "safety." Chris Roberts of Attivo Networks brought this topic up and he says if we change the conversation more people will care. How does the viewpoint of security change when you're talking about safety? How does behavior change?
What's Worse?!
I can't believe it's taken me this long to ask this question.
Hey, you're a CISO, what's your take on this?
Once you connect a device to the Internet and trade information, you're now a potential attack vector. And if your device is critical for maintaining life, like automobiles and medical devices, vulnerabilities no longer become a case of losing data, but of losing lives. Medical device manufacturers are rarely experts at software development, let alone cybersecurity. Vulnerabilities happen all the time. What is and isn't working with the reporting, alerting, and fixing of device vulnerabilities?
Ask a CISO
Could the talent gap be a self-fulfilling prophecy or at the very least an avoidable consequence of security’s red hot growth," asked Sam Curry, CSO at Cybereason, on Forbes. "What started as an esoteric field is becoming even more arcane as we grow." Curry offered some suggestions on where to improve situations to improve the complexity of security. Are fixing these issues harder than fixing security?
View all episodes
By David Spark, Mike Johnson, and Andy Ellis
4.8
183183 ratings
Direct link for episode on blog (https://cisoseries.com/do-you-know-the-secret-cybersecurity-handshake/)
We get the feeling that as we're adding more solutions and requiring more certificates, we're just making the problem of security harder and harder. Has the problem of not enough talent become an issue that we created? We discuss that and more on this week's episode of CISO/Security Vendor Relationship Podcast.
This show, like all the previous ones is hosted by me, David Spark (@dspark), founder of Spark Media Solutions and Mike Johnson. Our guest this week is Taylor Lehmann (@BostonCyberGuy), CISO, Wellforce.
Thanks to this week's sponsor, Chronicle, makers of Backstory
Chronicle’s Backstory is a global security telemetry platform for investigation and threat hunting within your enterprise network. Backstory makes security analytics instant, easy, and cost-effective. Backstory is a specialized, cloud-native security analytics system, built on the core infrastructure that powers Google itself.
On this week's episode
How CISOs are digesting the latest security news
The Hill reports, "A Democrat on the House Intelligence Committee introduced a bill on Wednesday that would require publicly traded companies to disclose to investors whether any members of their board of directors have cybersecurity expertise."
The Cybersecurity Disclosure Act of 2019, would require the SEC to issue a new set of rules requiring U.S. companies to tell their investors whether they have someone who has cyber expertise on their board. If they don't, they must explain to their investors why this is the case."
Will such a measure pass and if not, what is the best action here to insure some level of cybersecurity confidence?
Why is everybody talking about this now?
On a recent episode of the podcast we talked about swapping out the word "security" for "safety." Chris Roberts of Attivo Networks brought this topic up and he says if we change the conversation more people will care. How does the viewpoint of security change when you're talking about safety? How does behavior change?
What's Worse?!
I can't believe it's taken me this long to ask this question.
Hey, you're a CISO, what's your take on this?
Once you connect a device to the Internet and trade information, you're now a potential attack vector. And if your device is critical for maintaining life, like automobiles and medical devices, vulnerabilities no longer become a case of losing data, but of losing lives. Medical device manufacturers are rarely experts at software development, let alone cybersecurity. Vulnerabilities happen all the time. What is and isn't working with the reporting, alerting, and fixing of device vulnerabilities?
Ask a CISO
Could the talent gap be a self-fulfilling prophecy or at the very least an avoidable consequence of security’s red hot growth," asked Sam Curry, CSO at Cybereason, on Forbes. "What started as an esoteric field is becoming even more arcane as we grow." Curry offered some suggestions on where to improve situations to improve the complexity of security. Are fixing these issues harder than fixing security?
More shows like CISO Series Podcast
View all
Security Now (Audio)
1,971 Listeners
Risky Business
361 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
366 Listeners
Hacked
181 Listeners
CyberWire Daily
1,007 Listeners
Smashing Security
311 Listeners
Click Here
406 Listeners
Darknet Diaries
7,865 Listeners
Cybersecurity Today
171 Listeners
Hacking Humans
314 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
129 Listeners
Risky Bulletin
33 Listeners
Hacker And The Fed
158 Listeners