Sign up to save your podcasts
Or
Share Security Posture is a Thing
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Security Posture is a Thing
What is security posture? Izar was at a conference in Amsterdam, where he was asked to define security posture and how to measure it. Is security posture qualitative or quantitative, and can it be compared across teams, organizations, and departments? This led us down this rabbit hole; what is security posture, and is it even possible to measure?
Security posture is multi-dimensional, differentiating between organizational and system security postures. Security activities that are reasonable to a company's level of risk acceptance are essential. Leadership changes could impact security posture; the departure of a CISO, for example, doesn't immediately affect the security posture as the policies and experiences built up over time remain.
Tools and processes assess security posture. An organization's security posture doesn't necessarily reflect the system's security posture. You must understand where a design is starting regarding security and where it is now.
The episode concludes with a call to listeners to share their thoughts on security posture and contribute to the ongoing discussion. The hosts express their interest in learning from different perspectives and experiences in security.
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel
Thanks for Listening!
View all episodes
By Izar Tarandach, Matt Coles, and Chris Romeo
5
22 ratings
What is security posture? Izar was at a conference in Amsterdam, where he was asked to define security posture and how to measure it. Is security posture qualitative or quantitative, and can it be compared across teams, organizations, and departments? This led us down this rabbit hole; what is security posture, and is it even possible to measure?
Security posture is multi-dimensional, differentiating between organizational and system security postures. Security activities that are reasonable to a company's level of risk acceptance are essential. Leadership changes could impact security posture; the departure of a CISO, for example, doesn't immediately affect the security posture as the policies and experiences built up over time remain.
Tools and processes assess security posture. An organization's security posture doesn't necessarily reflect the system's security posture. You must understand where a design is starting regarding security and where it is now.
The episode concludes with a call to listeners to share their thoughts on security posture and contribute to the ongoing discussion. The hosts express their interest in learning from different perspectives and experiences in security.
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel
Thanks for Listening!
More shows like The Security Table
View all
Security Now (Audio)
1,976 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
626 Listeners
Darknet Diaries
7,879 Listeners
Blueprint: Build the Best in Cyber Defense
131 Listeners
Cyber Security Headlines
127 Listeners