Sign up to save your podcasts
Or
Share Security Made the Mess. They Should Clean It Up.
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Security Made the Mess. They Should Clean It Up.
Security is suffering from a serious Rodney Dangerfield "I get no respect" problem. What has often been seen as the department of "no" is struggling under that brand image. That's probably because security is often seen as an inhibitor rather than an enabler. If InfoSec wants to fix that perception, it'll be their responsibility to dig themselves out.
Here's what you'll hear on the latest episode of the CISO/Security Vendor Relationship Podcast:
- Nobody thinks security is their friend: How can security rid itself of this highly negative branding? Be problem solvers vs. problem creators.
- Techniques to integrate AppSec into the DevOps process: It comes down to measurement, respecting an engineer's time, and learning from the success of one process and putting it into another. Read more great insight by Chris Steipp of Lyft.
- We play "What's Worse?!" In this episode of the game we question the worst scenario of an encrypted or unencrypted laptop, but with qualifications.
- Uggh, WAFs are NOT magical boxes: In a round of "Please, Enough. No, More." we challenge the way web application firewalls (WAFs) are being sold. WAFs need to be more friendly and flexible. No one believes you if you sell them as magical boxes that stop all attacks.
- How can you be a great customer? We turn the tables from "Ask a CISO" to "Ask a Vendor" and ask what it takes to be a great customer. Vendors would like you to ttop kicking the tires and talk about solving real problems.
- Plus a ten-second security tip: It may be cliche, but if security departments want to be more effective, they should be moving away from blocking to enabling.
Special thanks to Signal Sciences for sponsoring this episode. If you’re using WAFs, make sure you read “Three Ways Legacy WAFs Fail,” by their head of research, James Wickett.
As always, the show is hosted by me, David Spark (@dspark), founder, Spark Media Solutions and Mike Johnson, CISO, Lyft. Our guest this week is Zane Lackey (@zanelackey), co-founder and CSO for Signal Sciences and author of the new book from O'Reilly, "Building a Modern Security Program."
Sponsor the PodcastIf you'd like to sponsor the podcast, contact David Spark at Spark Media Solutions.
View all episodes
By David Spark, Mike Johnson, and Andy Ellis
4.8
185185 ratings
Security is suffering from a serious Rodney Dangerfield "I get no respect" problem. What has often been seen as the department of "no" is struggling under that brand image. That's probably because security is often seen as an inhibitor rather than an enabler. If InfoSec wants to fix that perception, it'll be their responsibility to dig themselves out.
Here's what you'll hear on the latest episode of the CISO/Security Vendor Relationship Podcast:
- Nobody thinks security is their friend: How can security rid itself of this highly negative branding? Be problem solvers vs. problem creators.
- Techniques to integrate AppSec into the DevOps process: It comes down to measurement, respecting an engineer's time, and learning from the success of one process and putting it into another. Read more great insight by Chris Steipp of Lyft.
- We play "What's Worse?!" In this episode of the game we question the worst scenario of an encrypted or unencrypted laptop, but with qualifications.
- Uggh, WAFs are NOT magical boxes: In a round of "Please, Enough. No, More." we challenge the way web application firewalls (WAFs) are being sold. WAFs need to be more friendly and flexible. No one believes you if you sell them as magical boxes that stop all attacks.
- How can you be a great customer? We turn the tables from "Ask a CISO" to "Ask a Vendor" and ask what it takes to be a great customer. Vendors would like you to ttop kicking the tires and talk about solving real problems.
- Plus a ten-second security tip: It may be cliche, but if security departments want to be more effective, they should be moving away from blocking to enabling.
Special thanks to Signal Sciences for sponsoring this episode. If you’re using WAFs, make sure you read “Three Ways Legacy WAFs Fail,” by their head of research, James Wickett.
As always, the show is hosted by me, David Spark (@dspark), founder, Spark Media Solutions and Mike Johnson, CISO, Lyft. Our guest this week is Zane Lackey (@zanelackey), co-founder and CSO for Signal Sciences and author of the new book from O'Reilly, "Building a Modern Security Program."
Sponsor the PodcastIf you'd like to sponsor the podcast, contact David Spark at Spark Media Solutions.
More shows like CISO Series Podcast
View all
Security Now (Audio)
1,982 Listeners
Risky Business
364 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
639 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
371 Listeners
Hacked
181 Listeners
CyberWire Daily
1,016 Listeners
Smashing Security
317 Listeners
Click Here
407 Listeners
Darknet Diaries
7,917 Listeners
Cybersecurity Today
163 Listeners
Hacking Humans
311 Listeners
Defense in Depth
76 Listeners
Cyber Security Headlines
128 Listeners
Risky Bulletin
43 Listeners
Hacker And The Fed
168 Listeners