10-10-19 - We've Got All the Alerts You Love to Ignore

We've Got All the Alerts You Love to Ignore

October 10, 2019

CISO | Security Vendor Relationship Series

This week's episode of Defense in Depth

User-Centric Security

 On this episode of Defense in Depth:

Co-host Allan Alford and our sponsored guest for this episode is Adrian Ludwig, CISO, Atlassian, a customer of our sponsor, Castle. All three of us discussed:

  • It's impossible to create a security system that removes the user from the equation. They are integral and they have to be part of your security program.

  • Security is defined by the individual.

  • The minimum expectation you can have of your users is that they'll operate in good faith.

  • Avoid complexity because as soon as it's introduced it drives problems everywhere.

  • Instead, keep asking yourself, how can I make security more usable?

  • Individuals are suffering from alert fatigue. If you're going to send an alert to a user, make it relevant and actionable. And always be aware that your security alerts are not the only alert the user is seeing and deciding or not deciding to take action on.

  • Think about all the alerts you completely ignore, like the confidentiality warning in a corporate email.

  • One of the main problems with security is the party who suffers is not the one who has to act.

  • The user often does not have any stake in the goods he/she is protecting.

Special thanks to this week's Defense in Depth podcast sponsor, Castle.

Castle

Castle is helping businesses keep customers’ online accounts safe from targeted account takeovers, automated credential stuffing, and risky user transactions. Castle’s user centric approach to account security allows organizations to fully automate threat response and account recovery in real-time with risk-based authentication, granular access policies and custom workflows. Learn more at www.castle.io

Allan Alford on Resiliency

October 22nd: Join webinar on digital forensics

Join me on Tuesday, October 22nd, at 11 AM Eastern for a webinar entitled "How to Avoid Digital Forensics that Overpromise and Underdeliver." I'll be the moderator with a panel of experts discussing the following issues:

  • Increasing your data visibility and ability to respond quickly

  • Avoiding delayed and thereby costly dwell time

  • Understanding the vulnerabilities that led to an attack

  • How quality forensics can improve your cyber resilience

Geoff Belknap, CISO, LinkedIn

SUBSCRIBE TO BOTH PODCASTS

Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.

If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.