Down the Security Rabbithole Podcast (DtSR)

DtSR Episode 126 - The Defense Always Loses


Listen Later

Send the hosts a message - try it now!

In this episode...

  • The blog post that started it all - http://blog.norsecorp.com/2014/11/10/the-new-reality-in-security-offense-always-wins-and-defense-always-loses/
  • Vince, tells us what he means by "Offense always wins, defense always loses"
  • We disagree over this snip from his blog post: "To “win” in cyber security, defense must be right 100% of the time, while offense only has to be right once. We must wake up to the reality that defense is an impossible task; no matter what actions we take, we will lose."
  • We discuss how we get away from being Eeyore defeatists?
  • Vince give us security strategies he is advocating knowing that defense is better equipped, and better funded
  • We briefly mention high-value assets, and why it's even more critical today than it has ever been before, and why we still stink at it
  • We challenge Vince to give us some tangible steps to managing risk better, to get away from winning/losing?
  • We discuss how we compress delivery time lines for security competencies? (Average time to deliver a technical control is months, plus budget cycle - maybe years)
  • We close with lessons learned from your Vince's rich experience that he'd like to share with the listeners, to change the nature of the win/lose conversation

Guest

  • Vince Crisler - Vince has done some very interesting things in his background including former Communications Officer with the US Air Force, who also worked at the White House as Presidential Communications Officerm backed security start-ups, and chairing a Washington DC OSINT group. He's definitely one of the people you should get to know.

Support the show

>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast

...more
View all episodesView all episodes
Download on the App Store

Down the Security Rabbithole Podcast (DtSR)By Rafal (Wh1t3Rabbit) Los

  • 4.3
  • 4.3
  • 4.3
  • 4.3
  • 4.3

4.3

96 ratings


More shows like Down the Security Rabbithole Podcast (DtSR)

View all
Security Now (Audio) by TWiT

Security Now (Audio)

1,966 Listeners

Risky Business by Patrick Gray

Risky Business

360 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

628 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

367 Listeners

Hacked by Hacked

Hacked

179 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,014 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

314 Listeners

Click Here by Recorded Future News

Click Here

387 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,845 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

186 Listeners

Hacking Humans by N2K Networks

Hacking Humans

313 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

78 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

118 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

33 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

158 Listeners