- CISO Series Newsletter
- Posts
- 01-21-20 - Debunking the Misused "Chased By Bear" Cybersecurity Metaphor
01-21-20 - Debunking the Misused "Chased By Bear" Cybersecurity Metaphor
Debunking the Misused "Chased By Bear" Cybersecurity Metaphor
This week's episode of CISO/Security Vendor Relationship Podcast
Debunking the Misused "Chased By Bear" Cybersecurity Metaphor
features my co-host, Mike Johnson, and sponsored guest, Elliot Lewis, CEO, Encryptics. All three of us discussed:
We ALL have to be faster than the bear.
There's a common overused cybersecurity metaphor that claims you don't have to be faster than the bear chasing you, you just need to be faster than the other person who's also being chased by the bear. This poorly thought out metaphor doesn't take into account that we're all in this cybersecurity fight together. We actually don't want anyone to be caught by a bear, even our direct competitors. It's time to put a moratorium on the "chased by a bear" cybersecurity metaphor.
Make stealing from you not worth it.
Most attackers are financially motivated. Assuming you have a development team larger than your attackers', you will be able to fight back by developing ahead of the attackers' malware injection efforts. If you create enough hurdles and time wasters to get at your assets, it will not be in their financial interest to continue.
Driving security to the level of data.
This philosophy falls under the guise of "zero-trust," but it also takes into account how data can protect itself. Zero trust looks at the trust of the device, not necessarily the network. If the data is self-aware, then it looks at the environment it's in and reacts accordingly. Your data is the prize and whatever is close to it is the last line of defense.
Special thanks to this week's CISO/Security Vendor Relationship Podcast sponsor, Encryptics.
Now you can share data without ever losing control of it. Our advanced architecture makes data self-protecting, intelligent and self-aware – wherever it goes, no matter who has it. Our .SAFE patented multi-key technology enables data to evaluate its own safety conditions, including geo-sensing, recipient authentication, and policy changes from its owner. Contact Encryptics today and see for yourself.
Live CISO-Vendor Recording in Tel Aviv (01-27-20)
If you’re in Tel Aviv at the end of this month and you’re a big fan of CISO/Security Vendor Relationship Podcast, then please join us for a live audience recording of the podcast hosted by Glilot Capital.Joining me on stage at our first ever Tel Aviv event will be my guest co-host, Bobby Ford, global CISO, Unilever. And our guest will be John Meakin, CISO and security advisor, and formerly CISO for Burberry, GSK, Richemont, and RBS.It’s all happening on Monday, January 27th, 2020 in Tel Aviv at 6 PM.Please register for the entire schedule and location.
How a CISO Crafts an Ongoing Relationship with the Board
CISO/Security Vendor Relationship Podcast co-host Mike Johnson talks with Adrian Ludwig, CISO, Atlassian about how you communicate to the board and how that communication develops over time. Watch the video and then check out the full episode of the podcast, "We Put the FUN in InFunSec".
Sponsorship opportunities in 2020
We've got live events planned for San Francisco, New York, and Boston, plus tons of programs around podcasts, video chats, and live shows coming up, plus a full one-day live event. Please contact me, David Spark, for information.
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.