Ross Young joins us on Security Confidential to talk about cybersecurity. Ross is the CISO of Caterpillar Financial Services Corporation, a lecturer at Johns Hopkins University, and the Co-Host of the CISO Tradecraft podcast, and the inventor of the OWASP Threat and Safeguard Matrix. Ross is also a veteran of CIA and NSA.

00:00 Introduction 

00:55 How Ross became CISO of Caterpillar Financial Service 

03:04 Scholarship for Service 

04:10 Foreign cyber espionage capabilities 

07:01 The elusive identity online 

07:50 Compliance frameworks = great cybersecurity? 

12:47 Can cybersecurity be used for revenue generation? 

20:30 Learning from vendors selling in cybersecurity place 

22:55 Vulnerability management in the cloud 

27:02 How do you develop a resilient software system 

31:50 OWASP Threat and Safeguard Matrix 

37:58 Accounting for The X-Factor and Zero Day threat in cybersecurity 

41:45 CISO Tradecraft

The videocast for this episode

To learn more about Ross Young 

To learn more about Dark Rhino Security