- CISO Series Newsletter
- Posts
- 10-01-19 - Mapping Unsolvable Problems to Unattainable Solutions
10-01-19 - Mapping Unsolvable Problems to Unattainable Solutions
Mapping Unsolvable Problems to Unattainable Solutions
TOMORROW, Wednesday, October 2nd, 2019, the CISO Series hosts will be hosting our first AMA ("Ask Me Anything") on reddit. We'll start answering questions at 4 PM Pacific, but you can start asking your questions at 2pm on the r/cybersecurity subreddit.
This week's episode of CISO/Security Vendor Relationship Podcast
Mapping Unsolvable Problems to Unattainable Solutions
On
, Mike Johnson and our guest, Sounil Yu, former chief security scientist for Bank of America and creator of the Cyber Defense Matrix, discussed:
The Internet is awash with bad advice on passwords.
From change your password every 30 days to making sure it has a number or special character, much of the password advice that's floating about solved just one problem at a single point in time. Much of it still lingers even though it's no longer valid. Improve password security with a password manager, never duplicate a password, and deploy multi-factor authentication when you can.
David Spark, producer of CISO Series, Sounil Yu, creator of Cyber Defense Matrix, and Mike Johnson, co-host,
CISO/Security Vendor Relationship Podcast
.
Use the Cyber Defense Matrix to organize security vendors like food at the grocery store.
Making sense of the security landscape is confusing. Use a chart like the Cyber Defense Matrix to simplify and understand what you have and what you need to build out your security program.
Not all data is meant to be protected. Some of it is designed to be slaughtered.
Your non-precious data often only has a short lifespan and therefore has no need for protection. You can improve your business' resiliency to data theft if you can properly identify data that doesn't require protection vs. data that you want to take care of, like your pets.
As you introduce third parties and applications into your environment, ask yourself if they introduce new vectors.
Do you want a new tool or partner to attach you to new areas of accessibility, regulations, or sensitive data? If so, that will dramatically change your risk profile.
Special thanks to this week's CISO/Security Vendor Relationship Podcast sponsor, Zix.
simplifies administration and reporting with a single management interface. Configuring, deploying, and monitoring email security and unified archiving services has never been easier – or faster. ZixSuite combines a cloud-based email threat protection, email encryption, and unified business communications archiving, all backed by Zix’s gold standard 24/7/365 support.
CISO Series turns ONE!
What were the most popular podcast episodes, videos, and articles on CISO Series over the past year?
Today is the first year anniversary (hopefully there will be more) of CISOseries.com. In this video, Mike Johnson, Allan Alford, and I review the year's highlights and offer our opinions as to which content was our favorite and why we believe certain content performed so well.
Simple Tool to Visualize the Security-Vendor Ecosystem
The Cyber Defense Matrix is an easy-to-use chart for making sense of the unbelievably crowded field of cybersecurity solutions. It's also a good chart to see where you need support, through tools, processes, or people, for your security program.
Following up the recording of this week's episode, Mike Johnson chatted with the creator of the Cyber Defense Matrix, our guest, Sounil Yu. The two of them talk about the matrix, its value to the industry, and the help Sounil needs to complete his research so others can uncover value from the chart.
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.