- CISO Series Newsletter
[03-09-23] Join us tomorrow for “Hacking RSA”
Super Cyber Fridays!
Join us TOMORROW, Friday [03-10-23] for “Hacking RSA”
Join us Friday, March 10th, 2023, for “Hacking RSA: An hour of critical thinking about how to get the most from attending RSA, or any security conference.”
It all begins at 1 PM ET/10 AM PT on Friday, March 10th, 2023 with guests Adrian Sanabria, host, Enterprise Security Weekly and Allan Alford, host, The Cyber Ranch Podcast. We'll have fun conversation and games, plus at the end of the hour (2 PM ET/11 AM PT) we'll do our meetup.
Defense in Depth
Can You Build a Security Program on Open Source?
What would it take to build your entire security program on open source software, tools, and intelligence?
Check out this post for the discussion that is the basis of our conversation on this week’s episode of Defense in Depth co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap, CISO, LinkedIn. We welcome guest DJ Schleen, distinguished security architect, Yahoo Paranoids. We discussed the following:
ANSWER: "Possible? Yes. Feasible? Yes. Practical? Not much." This was the response of Bruno Guerreiro Diniz of Datasec, which summed up our entire episode. There was agreement that open source tools have their place, but using them for your entire security program would take a lot of setup and maintenance work, noted Ofer Shaked of Deepblue.
Smaller organizations can definitely take advantage of open source. There was a general feeling that open source can’t scale. Dennis Merenguelli of Verizon noted that small organizations can definitely find value with open source, but it’s not for the enterprise. That’s mostly because open source can’t deliver necessary advanced tooling, noted Jonathan R. of Lightspin.
While acquisition of open source tools is free, their implementation is not. “The more open source you use the more people you need,” said Dan Holden of BigCommerce. “What you save in software licensing you’ll spend in human expertise to keep the thing working,” noted Toby Lewis of Darktrace.
Tread gently when implementing open source tools in your environment. Ofer Shaked mentioned that there are some DIY enthusiasts who truly want to hack the software, and heck that’s what open source is all about. But those people also use lots of paid tooling, even though they want to be creative with open source. You can definitely find uses for open source in your environment, just ask yourself whether you have the skills and time to manage it in a business setting.
Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.
Thanks to our podcast sponsor, SPMB Executive Search
LIVE!
Cyber Security Headlines - Week in Review
Make sure to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be Nick Espinosa, host, The Deep Dive Radio Show.
Thanks to this week's sponsor, Packetlabs
Jump in on these conversations
"How do you view the impending recession for cyber security roles in 2023?"
"What Cyber Security roles are more 9-5?"
"How to send password securely?"
Coming Up On Super Cyber Friday...
Coming up in the weeks ahead on Super Cyber Friday we have:
[03-10-23] Hacking RSA
and register for them all now!
Thank you!
Thank you for supporting CISO Series and all our programming
We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!
Everything is available at cisoseries.com.
Interested in sponsorship? Contact me, David Spark.