What is the Visibility That Security Teams Need?
Defense in Depth
Every vendor is quick to throw out the word visibility. But like AI, that term is loaded and has a wide variance. What is meant by visibility, and does it sync with what is desired from visibility?
Check out this post by Rinki Sethi, CSO, Upwind Security, for the discussion that is the basis of our conversation on this week’s episode co-hosted by David Spark, the producer of CISO Series, and Bil Harmer, security advisor, Craft Ventures. Joining them is James Bruce, business security services director, WPP.
Turning visibility into actionable intelligence
The cybersecurity industry is shifting toward targeted visibility that drives concrete action, rather than trying to do everything. Max Stevens from Upwind Security observes this maturity: "A few years ago, the mindset shifted from 'I want to see everything' to 'I want visibility and clear, actionable steps.' Observability without action is just noise." This evolution helps prevent a glut of data that overwhelms teams with information rather than insight. In an era of alert fatigue and sprawling logs, the ability to filter signal from noise has become the differentiator for effective security programs. "The real value comes when visibility leads to actionable insight, not just more data, but the correct data to make fast, informed decisions," said Nivathan Athiganoor Somasundharam of Teleport.
Pure visibility still provides an essential security foundation
While actionable intelligence represents the gold standard, comprehensive visibility maintains value even when immediate remediation isn't practical. Lior Yaari from Grip Security argues for recognizing this foundation, saying, "While we pride ourselves for 'actionable visibility' in the product pitch, I do want to highlight the benefit of pure visibility for a short moment." In things like software composition analysis, simply knowing which open source packages are deployed provides crucial context for rapid incident response, even without immediate remediation actions. Just because vendors have saturated a term doesn't mean the underlying idea lacks value. As Andrew Dutton of Sumitomo Chemical America reminded us, "I disagree with the use of the term being overused. It is a core function of 'you can't secure what you don't know.'"
Finding strategic value
Security teams struggle to connect their technical wins with business value that executives actually care about. Mike Wilkes from Columbia University has an idea for bridging this gap: "Just as Business Intelligence (BI) implies that we have data and we distill intelligence from big data that matters, maybe there is room for a new term that I'd call Business Impact Intelligence (BII) that delivers a similar distillation and filtering of data that helps prioritize data that is important to the business." It's about moving beyond what's technically interesting to what actually moves the needle. If you can't demonstrate value, you're going to have a hard time getting the business to buy in. "Every platform and every program must be able to answer the 'so what' question, and translate whatever they see into actionable intelligence and demonstrable impact," said Mike Towers of Veza.
The risk of gaps in identity management
Organizations can monitor user activity all day long, but still miss the bigger problem: people having access they shouldn't have in the first place. Nuri Rosen of Britive points to this blind spot, saying, "One main issue we see is that even if companies have general visibility into their user activities, they cannot detect misconfigured human and service user accounts, which leads to widespread privilege sprawl and static access." Companies that can detect an attack in progress but can't prevent privilege escalation through excessive permissions aren't any better protected.
Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.
Huge thanks to our sponsor, ThreatLocker
Subscribe to Defense in Depth podcast
Please subscribe via Apple Podcasts, Spotify, YouTube Music, Amazon Music, Pocket Casts, RSS, or just type "Defense in Depth" into your favorite podcast app.
We’ll be back Friday [10-17-25], for "Hacking Next Gen Data Threats"
Join us again on Friday, October 17, 2025, for “Hacking Next Gen Data Threats: An hour of critical thinking about what you need to setup your AI guardrails.”
Joining us will be Abhi Sharma, CEO and co-founder, Relyance AI. We'll have fun conversation and games, plus at the end of the hour (2 PM ET/11 AM PT) we'll do our meetup.
Thanks to our Super Cyber Friday sponsor, Relyance AI
LIVE!
Cyber Security Headlines - Week in Review
Make sure you register on YouTube to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guests will be Dustin Sachs, senior manager, information security risk management, World Fuel Services, and Christina Shannon, CIO, KIK Consumer Products.
Thanks to our Cyber Security Headlines sponsor, ThreatLocker
What do you like to say "NO" to?
At Black Hat 2025, David Spark asked cybersecurity professionals what they most enjoy saying “no” to. Despite the “Department of No” stereotype, these experts have learned when a firm "no" protects the business, whether that’s blocking risky AI tools, denying unnecessary feature requests, or keeping personal devices out of corporate environments. Sometimes, the smartest “no” keeps the door open for better, safer innovation.
Cyber chatter from around the web...
Jump in on these conversations
“CISA kills agreement with nonprofit that runs MS-ISAC”
“What are the best cybersecurity job boards? I'm tired of LinkedIn/Indeed”
“Why burnout is a growing problem in cybersecurity”
Coming Up On Super Cyber Friday...
In the weeks ahead on Super Cyber Friday we have:
10-17-2025: Hacking Next Gen Data Threats
10-24-2025: Hacking the Death of EDR
10-31-2025: Hacking CISO Self-Interest
Save your spot and register for them all now!
Thank you!
Thank you for supporting CISO Series and all our programming
We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!
Everything is available at cisoseries.com.
Interested in sponsorship? Contact me, David Spark.