08-18-20 - Set It. Forget It. Reset It. Repeat.

CISO | Security Vendor Relationship Series

This week's episode of CISO/Security Vendor Relationship Podcast, "Set It. Forget It. Reset It. Repeat.", is hosted by me, David Spark, producer of CISO Series, and Mike Johnson. Our guest is Brett Conlon, CISO, Edelman Financial Engines. All three of us discussed:

The "set it and forget it" attitude towards security is a path to insecurity.

Maintenance and situational awareness are the key to security. If you become complacent and think everything's OK, that's when you get into trouble. Given that the industry is constantly changing and in flux, even your ethics can't be set it and forget it. Those need to change as well.

The best thing you can do when your company is suffering a known vulnerability is to be available.

The most frustrating aspect of security is the unknown. The more information you can provide customers, even when you've had to admit a failure, the more valuable it is. Silence brews mistrust, and trust can be more powerful than a product that has yet to have a major vulnerability.

As a candidate, what's your unfair advantage?

Less traditional skills are still highly appreciated in security, and they can be the one thing that puts you over the edge. While many candidates will approach with certificates and on-the-job training, what's diverse in your background that can be applied to security? CISOs want people who will challenge their existing viewpoints or attack problems in ways they aren't even thinking about. How can your passion and background deliver on that?

Special thanks to this week's podcast sponsor, Keyavi Data.

Keyavi breaks new ground by making data itself intelligent and self-aware, so that it stays under its owner’s control and protects itself immediately, no matter where it is or who is attempting access. Keyavi is led by a team of renowned data security, encryption, and cyber forensics experts. See for yourself at keyavidata.com.

Mike Johnson on an alternative use of "What's Worse?!" questions

This Friday [8-21-20] We're Hacking Third Party Risk

Join us this Friday, August 21st, 2020 at 10 AM Pacific/1 PM Eastern for "Hacking Third Party Risk: An hour of critical thinking on how to consider and measure all risks into your overall risk posture."

I'll be leading this discussion with Gerard Scheitlin, Reciprocity GRC expert and founder, RISQ Management and Nina Wyatt, CISO, Sunflower Bank.

Plus, immediately after the video chat (11:00 AM PT/2:00 PM ET) we'll roll over to the CISO Series Friday Meetup. Each participant will be randomly matched up in impromptu 1-on-1 five-minute conversations with fellow cybersecurity professionals. A link to do that will be made available during the video chat.

Rohini Katsuri, chief product officer, Pulse Secure on SASE

