A 'Single Pane of Glass' for Ignoring Vendor Pitches

CISO | Security Vendor Relationship Series

This week's podcast episode

'Single Pane of Glass' for Ignoring Vendor Pitches

What you'll learn:

On this week's podcast, co-host Mike Johnson, CISO of Lyft, and guest Chris Castaldo, sr. director of cybersecurity, 2U, discuss the following:

  • Will "demos for charities" be the new marketing spend? Inspired by my co-host, our guest sold his personal time to hear vendor pitches in exchange for a charitable donation. Similarly, one of our listeners, a vendor, also offered charitable donations to those practitioners who listened to their pitch. Both were happy with the experience and will do it again. Is this just a one-time novelty or will others fall in line?

  • Are we doomed to never be secure? After the Marriott breach, Brian Krebs spelled out an unfortunate reality we all knew was true: we simply can't trust any company with our data. How then do companies maintain trust if they can't ensure security? Our guest argues for transparency, but only in context. Mike's communications are internal and he imbues trust by breaking security down on a feature-by-feature and control-by-control basis.

  • A manager doesn't necessarily have to be a leader. The two roles need to be decoupled. A manager isn't necessarily required to lead. 

  • Focus on the end user when building a security program. Successful security isn't just about the controls you put in place, but the experience you create for the end user. 

  • There are a LOT of single screen solutions. At the end of the show, Mike goes off on vendors who sell 'single pane of glass' solutions. Yours isn't necessarily the one that they're going to look at. Mike prefers vendors who offer APIs so he can create his own 'single pane of glass.'

Special thanks to this week's podcast sponsor, Vulcan Cyber

Vulcan Cyber is your automated vulnerability remediation solution. Put an end to manual-only patch management and reduce vulnerability risk with a cloud-based solution that bridges the vulnerability remediation gap. Automate and orchestrate the vulnerability remediation process with Vulcan Cyber.

Yaniv Bar-Dayan, CEO, Vulcan Cyber on risk management


We just started publishing quotes from podcast guests. Take a look at the one above and the two below. We've started distributing these snackable security tidbits all over social media. And guess what, you could sponsor them. We have a version of the memes that includes your company branding. Interested? Just connect with me on LinkedIn or REPLY to this email.

Mike Johnson, CISO, Lyft on vulnerability management

Best moments from “Latest Unnecessary Stats from Marginal Security Threats”

Here are three of the best moments from last week's episode of the CISO/Security Vendor Relationship Podcast:

  1. Creating an environment to be a great leader

  2. Vulnerability management’s place in the business

  3. A startup’s need for transparency, especially during rapid growth

Yaniv Bar-Dayan, CEO, Vulcan Cyber on leadership


Got a podcast catcher? Search for "CISO" and chances are you'll find the CISO/Security Vendor Relationship Podcast. If it doesn't come up, go ahead and click on any of these links to subscribe to the feed.

If you're already a subscriber, THANK YOU! If you like the show, please tell all your friends on social media and write a review on iTunes.