- CISO Series Newsletter
- Posts
- A Pesticide-Free Podcast Made with 'All Natural' Intelligence
A Pesticide-Free Podcast Made with 'All Natural' Intelligence
A Pesticide-Free Podcast Made with 'All Natural' Intelligence
This week's podcast episode of the CISO/Security Vendor Relationship Podcast
A Pesticide-Free Podcast Made with 'All Natural' Intelligence
Co-host Mike Johnson and our sponsored guest Mike Wiacek, co-founder and CSO, Chronicle, discuss the following:
Got AI? Better be able to explain what it is. We don't need algorithms, but we do need to know how your AI is learning. Whatever you do don't wave off the request to learn more and say it's your "secret sauce" or "I'd have to kill you if I told you." UGGH.
Hooray, your users are making it difficult to see what they're doing. On the onset, a user deploying a VPN to hide their traffic or deleting files may be irritating, but what they're really telling you is they're a security-minded user. That's awesome. Next step is to talk to them about how they're running security and how you can keep doing your job for privacy and compliance reasons.
Why are both the threats and the hunters hidden? If you hire someone to be a threat hunter, what do you expect them to be doing? Do they tell you? This definition of threat hunting is so varied. You need to know what they're actually going to be doing for you. Don't fall for the 'secret sauce' answer. Truly have them explain their process.
Special thanks to Chronicle for sponsoring this week's episode of the CISO/Security Vendor Relationship Podcast.
Chronicle’s Backstory is a global security telemetry platform for investigation and threat hunting within your enterprise network. Backstory makes security analytics instant, easy, and cost-effective. Backstory is a specialized, cloud-native security analytics system, built on the core infrastructure that powers Google itself.
RECORDING LIVE IN SF TOMORROW NIGHT
Here's your last chance to get in on the live recording of CISO/Security Vendor Relationship Podcast on Wednesday, March 6th in San Francisco. You can still register. There are just handful of registration spots left. Show up when the doors open at 5:00 PM to insure you get in. We start recording at 6:00 PM.
This week's episode of Defense in Depth
Threat Intelligence
On this episode of Defense in Depth:
Co-host Allan Alford, CISO of Mitel, and our sponsored guest Eric Murphy, VP of security research, SpyCloud, discuss the following:
Threat intelligence is about telling a story. And that story is broken up into three parts: strategic, operational, and tactical intelligence. Threat intelligence today really isn’t about creating that story. Most of the cases are about correlating data points.
Threat intelligence becomes stale when you are reactionary vs. being proactive.
Threat intelligence fails when you don’t mix multiple intelligence points to form a more complete full story of your adversaries.
Feeds are not valuable by themselves. When you combine it with your internal data, that’s when you could actually come up with something actionable.
If you’re not ingesting and onboarding your data appropriately into your internal threat intelligence team, why do you even have it?
Special thanks to this week's Defense in Depth podcast sponsor, SpyCloud.
about how you can protect employees and customers from account takeover with SpyCloud.
Your feedback
Best Responses to “30 Security Vendor Behaviors That Set Off a CISO’s BS Detector”
This article on what not to say to a CISO caused a flurry of responses, and I pulled out my favorites to highlight in this video. Read the original article here.
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.