10-29-20 - I'm Sorry, I Don't See "Cybersecurity" On the Guest List

I'm Sorry, I Don't See "Cybersecurity" On the Guest List

October 29, 2020

CISO Series

This week's episode of Defense in Depth

Securing Digital Transformations

Securing Digital Transformations

is hosted by me, David Spark, producer of CISO Series and Allan Alford. Our guest is Paul Asadoorian, founder & CTO, Security Weekly, and chief innovation officer, CyberRisk Alliance. All three of us discussed:

  • Digital transformation is about relying on computing technology for more integral processes and aspects in our daily work lives.

  • Lots of debate on the definition of digital transformation and as well securing digital transformations.

  • Definition: A targeted change to process and technology for the benefit of the people.

  • Definition: increasing levels of interoperability of information.

  • We heard the recurring argument of the need for security to have a seat at the table at the beginning of a digital transformation, and not at the end. But at the same time reality sunk in and it was argued that security doesn't get to dictate that. And if security tried to, it would create a greater wedge with the business.

  • When security is brought in at the end though, security has no option but to disrupt the business. Then no one is happy.

  • Digital transformation simply introduce new risks, often greater risk. If the point is to integrate more of your processes, then that integrates the risk as well.

  • If you're undergoing a true transformation, you are looking at core processes and saying, "What new tech facilitates, streamlines, and/or actualizes these core processes?" You no longer have to settle for shopping for a solution and then smashing your processes up against it.

  • Your security tools should also undergo a transformation. That includes a transformation in monitoring as well.

Special thanks to this week's podcast sponsor, Keyavi Data.

Keyavi Data

Our Keyavi breaks new ground by making data itself intelligent and self-aware, so that it stays under its owner’s control and protects itself immediately, no matter where it is or who is attempting access. Keyavi is led by a team of renowned data security, encryption, and cyber forensics experts. See for yourself at

.

Cyber Security Headlines

Cyber Security Headlines - October 28, 2020

This week's sponsor of

Cyber Security Headlines

is F5 and Security Summit

F5 Security Summit

TOMORROW! Friday [10-30-20] We're "Hacking Bad Threat Modeling"

Please join us on Friday, October, 30th, 2020 at 10 AM PT/1 PM ET for “Hacking Bad Threat Modeling: An hour of critical thinking about the worst ways to identify what could go wrong”.I'll be leading this discussion with Archie Agarwal, CEO, ThreatModeler Software and Adam Shostack, author, "Threat Modeling: Designing for Security".

Plus, immediately after the video chat (11:00 AM PT/2:00 PM ET) we'll rollover to our meetup where you get a chance to connect with fellow cybersecurity professionals.

Thanks to our sponsor ThreatModeler Software

Best Moments from "Hacking Build vs. Buy Automation"

Best Moments from Hacking Build vs. Buy Automation - CISO Series Video Chat

Here are the highlights from last Friday's [10-23-20] CISO Series Video Chat: “Hacking Build vs. Buy Automation: An hour of critical thinking on the ongoing security decision.”Joining me for this discussion were Scott Eigenhuis, head of security, Helix Chas Ballew, CEO, Aptible.Check out the blog post to watch the video, read the "Best Bad Ideas" and the best quotes from the chat room, and to get access to the full one-hour recording.

Huge thanks to our sponsor, Aptible

Aptible

Subscribe to all our podcasts

Click any of the podcasts below to get access to the subscription feeds. If you're already a subscriber, thank you!