CISO Series Podcast

We’re 99% Sure Our Malware Protection Will Fail 1% of the Time



CISO/Security Vendor Relationship Podcast and Series is available at CISOSeries.com.

Do you want a security vendor that’s good at protecting you from malware or a vendor that’s honest with you about their failure rates? Whatever happens you’ll take it on the latest episode of CISO/Security Vendor Relationship Podcast recorded live in NYC for the NY Information Security Meetup (@NYInfoSecurity). Thanks for hosting our recording!

This super-sized special episode features drop-in co-host, John Prokap (@JProkap), CISO of HarperCollins Publishers, and our guest Johna Till Johnson (@JohnaTillJohnso), CEO of Nemertes Research.

Check out all the awesome photos from the event.

Context Information Security is a leading technical cyber security consultancy, with over 20 years of experience and offices worldwide. Through advanced adversary simulation and penetration testing, we help you answer the question – how effective is my current cyber security strategy against real world attacks?

On this episode

How CISOs are digesting the latest security news

To Facebook, our data in aggregate is very valuable. But each individual views their own data as essentially worthless, as they're happy to give it away to Facebook for $20/month. I don't see this ever changing. Does an employee's carelessness with their own privacy affect your corporation's privacy?

Why is everybody talking about this now?

Rich Mason, former CISO at Honeywell, posted about the need to change the way we grade malware. He noted that touting 99 percent blocking of malware, which allows for one percent failure and network infection, is actually a 100 percent failure. It's the classic lying with statistics model. How should we be measuring the effectiveness of malware protection?

What's Worse?!

We play two rounds trying to determine the worst of bad security behavior.

What's a CISO to do?

A CISO can determine their budget by:

1: Meeting compliance issues or minimum security requirements
2: Being reactionary
3: Reducing business risk
4: Enabling the business

Far too often, vendors have preyed on reactionary and compliance buyers. But the growing trend from most CISOs is the reduction of business risk. How does this change a CISO's budgeting?

Let's dig a little deeper

We bring up "do the basics" repeatedly on this show because it is often the basics, not the APTs, that are the cause of a breach or security failure. Why are the basics so darn hard and why are people failing at them?

What do you think of this pitch?

We've got two pitches for my co-host and guest to critique.

And now this...

We wrap up our live show with lots of questions from the audience.


CISO Series Podcast, by David Spark, Mike Johnson, and Andy Ellis
