[06-06-24]--Join us tomorrow for “Hacking SOC 2 Vs. ISO 27001”
Super Cyber Fridays!
Join us TOMORROW, Friday [06-07-24], for "Hacking SOC 2 Vs. ISO 27001"
Join us Friday, June 07, 2024, for “Hacking SOC2 Vs. ISO 27001: An hour of critical thinking about the value of these compliance standards.”
It all begins at 1 PM ET/10 AM PT on Friday, June 07, 2024, with guests Faisal Khan, SME, Security GRC, Vanta, and Rich Friedberg, CISO, Live Oak Bank. We'll have a fun conversation and games, plus at the end of the hour (2 PM ET/11 AM PT) we'll do our meetup.
Thanks to our Super Cyber Friday sponsor, Vanta
Defense in Depth
We Want a Solution to Remediate, Not Just Detect Problems
Discovery of security issues is important, but ultimately we need them remediated. So why do so many solutions seem to stop short?
Check out this post for the discussion that is the basis of our conversation on this week’s episode, co-hosted by me, David Spark, the producer of CISO Series, and guest co-host Yaron Levi, CISO, Dolby. Joining us is our guest, Neil Watkins, SVP, Technology and Cybersecurity Services, i3 Verticals.
Visibility doesn’t matter without context
Many cybersecurity tools promise to increase visibility. But unless that’s connected to giving broader context, it just increases the noise an analyst must deal with. "The last thing we need in cybersecurity is a cloudy fuzzy picture of where to focus our time, money, and energy," said Frank Siepmann of Solvitur Systems. As Clea Ostendorf, field CISO of Code42, pointed out, we shouldn’t dismiss visibility, but realize that it isn’t a net gain in itself, saying, "If a tool elevates exposure, the visibility is valuable. However, ‘visibility’ fatigue is real. Visibility without filtering is noise." Where visibility becomes valuable is when it helps connect the dots. "Visibility is to see the who, what, and why of an event to give context to the threat analyst that will help them to threat hunt," said Byron Rashed of Centripetal.
Not all visibility is created equal
Granularity makes a big difference with any kind of visibility solution. Overbroad solutions don’t help if they constantly cry “wolf.” "Not all visibility solutions are built the same. Some point directly to the source of a problem and leverage granular data from packets to get the right team in the right place to make the right call on where and how to put out the fire in a quick efficient manner," said Eric Strassman of Red Canary. Max Brunner of Salt Security made the perfect analogy for this, saying, "Most vendors struggle to distinguish the difference between a hot shower and a burning couch. But some do this accurately while also telling you the exact location of the couch, how and why it caught fire, and sharing with you how to prevent the fire from spreading and enabling you to text your kids with instructions on how to play safely going forward. But most vendors are smoke detectors."
Don’t forget to bring people into the loop
No visibility solution can do much without the people and process needed to take action on findings. "You need visibility, an action plan, and qualified people to execute it. Nothing happens without people to do it," said Jenni Martin of Capstone IT. It’s important to connect visibility to the remediation process as tightly as possible, especially for more resource-constrained organizations. James Berthoty of Latio Tech pointed to this reality, saying, "The only fix I've seen is getting the alerts directly to the teams that are going to be fixing them and skipping the middleman. Small security teams run out of batteries quickly."
Remediation doesn’t scale with more visibility
Ultimately, the point of visibility is to know what you need to remediate. But as Mark Graziano of Segment points out, that’s much harder to scale, saying, "If someone makes a new tool that can identify 10x more vulns than the nearest competitor, but my vulnerability management team still experiences inefficiency in remediating vulnerabilities identified by an existing tool, is it really a betterment for security? Tools that emphasize remediation efficiency will be the next frontier."
Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.
Thanks to our podcast sponsor, GitGuardian
Subscribe
Subscribe to Defense in Depth podcast
Please subscribe via Apple Podcasts, Spotify, YouTube Music, Amazon Music, Pocket Casts, RSS, or just type "Defense in Depth" into your favorite podcast app.
LIVE!
Cyber Security Headlines - Week in Review
Make sure you register on YouTube to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be Andrew Wilder, CISO, Community Veterinary Partners.
Thanks to our Cyber Security Headlines sponsor, Conveyor
Sponsored content
Unseen Challenges in OT Security with DirectDefense
Compared to IT, operational technology (OT) systems are often misunderstood and mishandled. There’s a reason for this: OT carries a lot of unique challenges, such as the inability to use standard IT protections like antivirus and the use of different communication protocols, says Christopher Walcutt, CSO, DirectDefense. Visibility is paramount to enabling resilience in OT systems. To achieve this, organizations must foster collaboration between IT, physical security, and facilities departments.
Huge thanks to our sponsor, DirectDefense
Cyber chatter from around the web...
Jump in on these conversations
"Why are salaries for airline cybersecurity positions relatively low?"
"Why are SQL injections still a thing?"
"Deep Dive Google Account Security"
Coming Up On Super Cyber Friday...
Coming up in the weeks ahead on Super Cyber Friday we have:
[06-07-24] Hacking SOC 2 vs. ISO 27001
[06-14-24] Hacking the Conversation Around Risk
[06-21-24] Hacking Generative AI Anxiety
Save your spot and register for them all now!
Thank you!
Thank you for supporting CISO Series and all our programming
We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!
Everything is available at cisoseries.com.
Interested in sponsorship? Contact me, David Spark.