Sign up to save your podcasts
Or
Share DtR Episode 30 - It's Always a Business Decision [MISEC edition]
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
DtR Episode 30 - It's Always a Business Decision [MISEC edition]
Send the hosts a message - try it now!
Synopsis
Security has an interesting view on "business decisions", and in this podcast episode recorded at GrrCon 2012 in Grand Rapids, MI I sit down with some of the talent behind MISEC and we discuss #SecBiz topics of interest including the ugly phrase "it's a business decision" and why we say that. We also dive into how decisions are made, and why security and business are still often at odds on goals and acceptable 'risks'... and why our recommendations and guidance still falls on seemingly deaf ears.
We sample some of the sage wisdom of J.W. Goerlich as he runs his IT and security organization, and how he asks his security employees to think business, and put themselves into the frame of reference of the business when making decisions.
Jen Fox brings up Miller's Law, and teachs us to ask "What is that true of?" when framing discussions in the business context with non-technologists. Jen makes us think about frames of reference. She tells us that we must assume that a statement someone makes is true ... from their frame of reference and we simply must get inside their frame of reference to understand their thinking.
Steven Fox gives us a little bit of a glimpse into the government world where you can't always go sit down with the decision maker, and have to depend on your relationships, cooperation, and sometimes back-room politics to get things done.
I invite you to listen in, this is a timeless discussion that everyone should participate in.
Guests
- J.W. Goerlich - @JWGoerlich - Information Systems and Information Security Manager. Regular InfoSec practitioner, occasional speaker and writer. INTJ. #MiSec, #BSidesDetroit, #CSA, #Owasp
- Jen Fox - @J_Fox - Making security accessible to the end user. Independent consultant, biz analyst, tech-to-biz translator, and diplomat. CIPP/IT and locksport enthusiast.
- Steven Fox - @Securelexicon - I am a Security Architect at the U.S. Dept of the Treasury & Penetration Tester passionate about security as a business value and differentiator.
Support the show
>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast
View all episodes
By Rafal (Wh1t3Rabbit) Los
4.3
9696 ratings
Send the hosts a message - try it now!
Synopsis
Security has an interesting view on "business decisions", and in this podcast episode recorded at GrrCon 2012 in Grand Rapids, MI I sit down with some of the talent behind MISEC and we discuss #SecBiz topics of interest including the ugly phrase "it's a business decision" and why we say that. We also dive into how decisions are made, and why security and business are still often at odds on goals and acceptable 'risks'... and why our recommendations and guidance still falls on seemingly deaf ears.
We sample some of the sage wisdom of J.W. Goerlich as he runs his IT and security organization, and how he asks his security employees to think business, and put themselves into the frame of reference of the business when making decisions.
Jen Fox brings up Miller's Law, and teachs us to ask "What is that true of?" when framing discussions in the business context with non-technologists. Jen makes us think about frames of reference. She tells us that we must assume that a statement someone makes is true ... from their frame of reference and we simply must get inside their frame of reference to understand their thinking.
Steven Fox gives us a little bit of a glimpse into the government world where you can't always go sit down with the decision maker, and have to depend on your relationships, cooperation, and sometimes back-room politics to get things done.
I invite you to listen in, this is a timeless discussion that everyone should participate in.
Guests
- J.W. Goerlich - @JWGoerlich - Information Systems and Information Security Manager. Regular InfoSec practitioner, occasional speaker and writer. INTJ. #MiSec, #BSidesDetroit, #CSA, #Owasp
- Jen Fox - @J_Fox - Making security accessible to the end user. Independent consultant, biz analyst, tech-to-biz translator, and diplomat. CIPP/IT and locksport enthusiast.
- Steven Fox - @Securelexicon - I am a Security Architect at the U.S. Dept of the Treasury & Penetration Tester passionate about security as a business value and differentiator.
Support the show
>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast
More shows like Down the Security Rabbithole Podcast (DtSR)
View all
Security Now (Audio)
1,966 Listeners
Risky Business
360 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
367 Listeners
Hacked
179 Listeners
CyberWire Daily
1,015 Listeners
Smashing Security
314 Listeners
Click Here
392 Listeners
Darknet Diaries
7,853 Listeners
CISO Series Podcast
187 Listeners
Hacking Humans
314 Listeners
Defense in Depth
78 Listeners
Cyber Security Headlines
117 Listeners
Risky Bulletin
33 Listeners
Hacker And The Fed
158 Listeners