When Sean Atkinson says that “We’re on a trajectory to have the most vulnerabilities ever identified in a single year, starting this year,” take note: As Chief Information Security Officer for the Center for Internet Security, he knows what he’s talking about.

He’s referring to the ever-increasing tide of weaknesses and flaws that undermine the security of software used every single day by teams around the world. Between a more active threat landscape, demands for development velocity, and the rise of generative AI, the cat in this proverbial game of cat-and-mouse has their work cut out for them.

In this conversation, Robin Tatam, Puppet’s Evangelist and Certified Information Security Manager, talks with Sean about the role of a CISO, what’s behind the unprecedented rise in vulnerabilities, and how smart integrations turn automation into a first-line defense against threats, misconfiguration, errors, and software vulnerabilities.

Highlights:

• What a CISO actually does versus a CIO or a CTO 
• The difference between “security” and “compliance” 
• How compliance helps build the backbone of a long-term security posture 
• Who really owns IT security and where IT operations fits into the security conversation 
• What CIS Benchmarks are, what they do, and how CIS “wizards” keep them up-to-date on the latest vulnerabilities 
• How Puppet’s partnership with CIS puts the power of automation behind CIS’s widely recognized frameworks

Speakers:

• Robin Tatam, Senior Technical Marketer and Evangelist, Puppet by Perforce
• Sean Atkinson, Chief Information Security Officer, Center for Internet Security

Links:

• Learn more about Security Compliance Enforcement, a premium feature for Open Source Puppet and Puppet Enterprise that automates secure configurations hardened against CIS Benchmarks and DISA STIGs
• Listen to Sean’s podcast with CIS, “Cybersecurity Where You Are,” wherever you get podcasts

Find Us Online:

• puppet.com
• Apple Podcasts
• Twitter
• LinkedIn