- CISO Series Newsletter
- Posts
- 04-23-20 - Should You Just Stop Buying Tools and Use What You've Got?
04-23-20 - Should You Just Stop Buying Tools and Use What You've Got?
Should You Just Stop Buying Tools and Use What You've Got?
This week's episode of Defense in Depth
Fix Security Problems with What You've Got
On this episode of Defense in Depth:
Co-host Allan Alford and guest Brent Williams, CISO, SurveyMonkey, discussed:
It's very possible you're not using the tools you've purchased to their full potential. What would happen if you completely stopped buying security products and tried to fix your problems with the tools you've already purchased?
The reason this is such a popular discussion is that as an industry we're still struggling with managing the fundamentals of security.
Shelfware happens because we buy before we're ready. Purchase decisions should be made in conjunction with knowing if you have the staff and understand the integration points to implement the solution.
Tooling for the few layers must be dealt with first. You don't need a solution selling a higher layer of security if you don't have the foundation built.
Much of this argument is based on the messaging we hear from vendors. They're understandably in the business of selling product. Be cognizant of how you're absorbing information.
We need to also focus on the people who unfortunately are fallible and can make non-malicious, but poor decisions.
If there was going to be any additional spending, the argument was to invest in your people - from the entire staff to specific training for your security staff.
Thanks to this week's sponsor of Defense in Depth, Deep Instinct.
Deep Instinct is changing cybersecurity by harnessing the power of Deep Learning to prevent threats in zero time. Deep Instinct’s on-device, solution protects against zero-day, APT, ransomware attacks, and against both known and unknown malware with unmatched accuracy and speed. Find out more about the solution’s wide covering platform play.
TWO CISO Series Video Chats
Tomorrow [4-24-20] Hacking the Modern Workforce
Join us for “Hacking the Modern Workforce: An hour of critical thinking about managing access in a dynamic workplace”.
Friday, 4-24-20 at 10 AM Pacific/1 PM EasternREGISTER
Tomorrow [5-1-20] Hacking the Security Stack
Join us for “Hacking the Security Stack: An hour of critical thinking about what is going to disappear and what you’ll introduce in the security program of the future”.
Friday, 5-1-20 at 10 AM Pacific/1 PM EasternREGISTER
Best Moments from "Hacking Zero Trust"
Here are seven minutes of the best moments from "Hacking Zero Trust" Video Chat. To watch the full video go here.
I moderated a discussion with Allan Alford, co-host, Defense in Depth and Anthony James, vp of product marketing, Infoblox.
Huge thanks to everyone who participated, and see below for the best quotes from the chat room. Lastly, congrats to Dutch Schwartz of AWS for offering up the best bad idea. Watch the video for that moment and how they handled it.
For as long as we can handle it, our video chats will be happening every Friday at 10 AM Pacific/1 PM Eastern. Please follow us on Crowdcast to get announcements of each new video chat and also be alerted the moment a video chat goes live.
Thanks to our video chat sponsor, Infoblox.
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.