
08-13-19 - If Capital One Listened to Our Podcast They Still Would Have Been Breached

CISO | Security Vendor Relationship Series

This week's episode of the CISO/Security Vendor Relationship Podcast, "If Capital One Listened to Our Podcast They Still Would Have Been Breached," was recorded on the trade show floor of Black Hat 2019 in ExtraHop's booth. On this episode, Mike Johnson and our sponsored guest, Tom Stitt of ExtraHop, discussed:

When a big breach happens in the news, inform the staff/board as to your posture.

After a very public breach, like Capital One's, the security media and vendors are awash with misinformation or information that is not relevant to your environment. It's incumbent on you, the security professional, to give your internal stakeholders some insight into whether, and how, your own security posture could be affected by a similar breach.

(left to right) Tom Stitt, sr. director, product marketing - security, ExtraHop, David Spark, producer, CISO Series, Mike Johnson, co-host, CISO Series

When there's a breach, use it as an education moment.

What was the threat? What did we learn from that? And what can we learn as an industry rather than pointing fingers at each other?

Network behavior analysis should focus on assets, rather than client devices.

Ask your cloud data provider what data you actually have access to. Ask how you can instrument endpoints to build a larger behavioral model when so much of what they send is encrypted. And ask the very basic question: what do you have on your network?

It's going to take me more than 15 minutes to give you 15 minutes of my time.

This "15 minutes of your time" request costs a lot more than 15 minutes. You take the time to read the email. If you accept the request, that takes a few minutes to process and respond. Then it takes more than 15 minutes to find 15 minutes, and possibly longer to coordinate with the other person. Then, when you have the meeting, the person who asked for 15 minutes isn't going to adhere to the standard they set for themselves; they're more likely to run long, and you're not going to cut them off because you don't want to come off as rude. As a vendor, please stop making this request.

Special thanks to this week's CISO/Security Vendor Relationship Podcast sponsor, ExtraHop.

Unlike security solutions that focus on signature- and rule-based detection, ExtraHop Reveal(x) helps you rise above the noise of alerts with complete east-west visibility and machine learning for real-time detection of known and unknown threats, plus guided investigations for rapid response. Find and address real threats faster with ExtraHop.

Mike Johnson sporting his favorite new t-shirt, emblazoned with a quote heard on the CISO/Security Vendor Relationship Podcast.

Francesco Cipollone, head of security architecture and strategy, HSBC Global Banking and Markets on committing to the business risk even if you don't agree with it

CISO Series crew had a great time at Black Hat 2019

A HUGE thank you to all the fans that came up to me, Mike, and Allan and thanked us for the podcasts. We were truly touched when you said to us, "Thank you for what you're doing for the community."

thanking you and also asking to keep contributing. 

Allan Alford on avoiding security training, which is supposed to be a best practice

SUBSCRIBE TO BOTH PODCASTS

Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.

If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.