Shoving Money Down Security's Bottomless Pit

Shoving Money Down Security's Bottomless Pit

January 08, 2019

CISO | Security Vendor Relationship Series

This week's podcast episode

Shoving Money Down Security's Bottomless Pit

Shoving Money Down Security's Bottomless Pit

What you'll learn:

On this week's podcast, co-host Mike Johnson, CISO of Lyft, and our guest Allan Alford, CISO of Mitel, discuss the following:

  • 2019 will be the year of CCPA. Put a time limit on a regulation and you'll see both consumers and vendors drastically change focus. The last two years drove attention to GDPR, This year will show increased interest in privacy thanks to the California Consumer Privacy Act which will go in effect on January 1, 2010.

  • Focus on the intersection of risk and money. Business and security are aligned as they are both dealing with risk. Make the business own security, not the CISO.

  • Money doesn't make things secure. Those who think that security can be handled with point solutions in a one-off process also believe problems can be solved purely through money. 

  • Long-term security campaign. If you think about security as an ongoing issue, it becomes an ongoing campaign that gets incrementally better. Think seat belt and anti-smoking campaigns. Those two haven't been eradicated, but they have improved. To keep people in line, you'll need to keep showing small wins.

  • When IT and security are and aren't different. Whether IT should be construed as security depends on how you define IT. Some organizations that are completely based in cloud computing, such as on AWS instances, don't even think they have an IT department.

Red Canary

Special thanks to this week's podcast sponsor, Red Canary.

is a security operations ally to organizations of all sizes. They arm customers with outcome-focused solutions that can be deployed in minutes to quickly identify and shut down adversaries.

for access to educational tools and other resources that can help you improve your security program.

Mike Johnson, CISO, Lyft on Gartner's Magic Quadrant

JOIN US IN SAN FRANCISCO

On January 23rd, 2019 we'll be recording in front of a live audience with me, my co-host Mike Johnson, CISO of Lyft, and our special guest, Andy Steingruebl, CSO of Pinterest. Click below to watch the video and register for this free event.

Darren Death, CISO, ASRC Federal on Security 101

Best moments from “Real Housewives of Cybersecurity”

Best Moments from “Real Housewives of Cybersecurity”

Here are three of the best moments from the most recent episode of the CISO/Security Vendor Relationship Podcast, “Real Housewives of Cybersecurity.”

Highlighted in this video include:

  1. Online feud between CrowdStrike and Cybereason

  2. Security 101

  3. Overuse of “blockers” in tech

Mike Johnson, CISO, Lyft on inappropriate CEO behavior

SUBSCRIBE TO THE PODCAST

Got a podcast catcher? Search for "CISO" and chances are you'll find the CISO/Security Vendor Relationship Podcast. If it doesn't come up, go ahead and click on any of these links to subscribe to the feed.

If you're already a subscriber, THANK YOU! If you like the show, please tell all your friends on social media and write a review on iTunes.