08-27-19 - Open This Email for an Exclusive Look at Our Clickable Web Links

CISO | Security Vendor Relationship Series

This week's episode of CISO/Security Vendor Relationship Podcast

Open This Email for an Exclusive Look at Our Clickable Web Links

Mike Johnson and our guest, Aanchal Gupta, Head of Security for Calibra, Facebook, discussed:

All is not lost after a breach. CISOs will still work with vendors.

BUT it's important that vendors handle breaches to the best of their ability and that they implement new safeguards to prevent similar incidents from recurring. Whether a vendor has been breached or not, validate its efficacy by asking for pentest reports, certifications, and audit findings. Together these give you a holistic picture of how the vendor operates: was this incident an anomaly, or does the vendor operate under a veil of negligence?

Aanchal Gupta, Head of Security for Calibra, Facebook, Mike Johnson, Co-Host, CISO/Security Vendor Relationship Podcast, David Spark, Producer, CISO Series.

The effectiveness of telecommuting starts with the business.

While you may be the most efficient remote worker ever, if the business culture is not ready to handle it, it's a non-starter.

Unconscious bias comes into play with telecommuting.

When you have to do business with people all over the world, someone is going to have to be awake at an unspeakable hour. If one person is always forced to take the calls at 4 AM, you're making it clear that their participation is not needed or you're giving someone else preferential treatment. One way to manage this inevitable problem is to rotate the times so it's not always the same person stuck with the 4 AM call.

Remove the stigma from being phished.

No matter how savvy a security professional you are, everyone can be phished. Not knowing about someone being phished is far worse than being phished. Stress the importance of reporting phishing. It's OK to be phished. It happens to everyone. Make it clear that you're not measuring individual behavior, but looking at aggregate data.

Special thanks to this week's CISO/Security Vendor Relationship Podcast sponsor, Expel.

Expel is flipping today's managed security model on its head (Ouch!) for on-prem and cloud, taking a technology-driven approach that lets analysts focus on what humans do best: exercise judgment and manage relationships. The company offers 24x7 monitoring through its security operations center-as-a-service, using the security tools customers already have.

Preview video for this week's CISO/Security Vendor Relationship Podcast

Hacktober: A Month of Security Games at Facebook

October is cybersecurity awareness month and Facebook celebrates it with a month of training, pen testing, and games.

Right after recording this week's episode of CISO/Security Vendor Relationship Podcast, Mike and Aanchal talked about Hacktober, and how she gets both security and non-security employees involved in the security games.

Olivia Rose, CISO, MailChimp - Retaining women in security

Basic Tips for Networking with InfoSec Professionals

Networking with other professionals is not rocket science, but sometimes you need to be reminded to focus not on your elevator pitch but on what you can provide to the community. I chatted with David Raviv, founder of the nearly 5,000-member-strong New York Information Security Meetup group. The CISO Series is partnering with Raviv and his group to host our live audience recording of the CISO/Security Vendor Relationship Podcast in New York City's Times Square on September 5th, 2019. Watch the video and you'll find information about registering for the event.

Allan Alford, co-host Defense in Depth, on the dirty pane of glass
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.

If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.