View this email in your browser

This week's episode of Defense in Depth

Resiliency

 On this episode of Defense in Depth:

Co-host Allan Alford and our guest Anne Marie Zettlemoyer, vp, security engineering and divisional security officer, MasterCard, discussed:

• Resiliency allows the business to perform in conjunction with risk.

• A conversation about resilience forces security to think about business processes and the criticality of each one to the business' ability to sustain itself.

• We're forcing ourselves to think proactively when we have no choice but to react, hopefully automatically. Disaster recovery (DR) and business continuity planning (BCP) come into play here.

• There's a concern that of the CIA (confidentiality, integrity, and availability) triad, "integrity" doesn't have enough outside forces to insure its credibility.

• While security teams may just be coming up to speed, or are just thinking of resiliency, the business has been thinking about it since day one of becoming a business. If security begins thinking this way, they will be more in alignment with the business.

Special thanks to this week's Defense in Depth podcast sponsor, Castle.

Castle is helping businesses keep customers’ online accounts safe from targeted account takeovers, automated credential stuffing, and risky user transactions. Castle’s user centric approach to account security allows organizations to fully automate threat response and account recovery in real-time with risk-based authentication, granular access policies and custom workflows. Learn more at www.castle.io

Please join us on reddit!

In the previous newsletter I let all our brilliant readers know that we launched our subreddit at r/cisoseries. If you're a heavy reddit user, we need your help for the following:

• Finding the hot discussions on reddit.

• Telling us about them.

• Letting other reddit users know that we're here.

• Explaining to us how to mine the world of reddit. We're newbies. 

• Initiating discussions that if popular will bubble into segments on CISO/Security Vendor Relationship Podcast or entire episodes of Defense in Depth.

Join our reddit community today!

Hackers’ Ultimate Sandbox – Black Hat 2019 Network Operations Center ( NOC)

Once a year at one of the biggest hacker conferences anywhere, attendees to the Black Hat 2019 conference take what they’ve learned in classes and in sessions and test malware and intrusion techniques on this temporary network that’s pretty much designed to be abused.

The Black Hat Network Operations Center or NOC is a fertile playground for hackers. I got a chance to talk with one of the NOC leads, Bart Stump, about the purpose of the network and any unusual behavior they saw this year as compared to previous years.

SUBSCRIBE TO BOTH PODCASTS

Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.

• iTunes

• Spotify

• Stitcher

• RSS Feed

• iTunes

• Spotify

• Stitcher

• RSS Feed

If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.