Mon, 18 February 2019
CISO/Security Vendor Relationship Podcast and Series is available at CISOSeries.com.
We tip our hat to the much-maligned "Department of No" for having the foresight to see that refusing service is probably the most efficient and secure response.
This show, like all the previous ones, is hosted by me, David Spark (@dspark), founder of Spark Media Solutions, and Mike Johnson, CISO of Lyft. Our guest this week is April Wright (@AprilWright), CEO, ArchitectSecurity.org.
Thanks to our sponsor, Endgame
Endgame makes nation-state grade protection as easy as anti-virus. Their converged endpoint security platform is transforming security programs – their people, processes and technology – with the most powerful endpoint protection and simplest user experience, ensuring analysts of any skill level can stop targeted attacks before damage and loss. To learn more visit www.endgame.com. Endgame will be at RSA this year in booth 1827 in the south hall.
On this episode
How CISOs are digesting the latest security news
In an effort to improve security before the 2020 Olympic games, the government of Japan will try to hack its own citizens by using default passwords on webcams, routers, and other Internet-connected devices. If they break through, they will alert the people that their devices are susceptible to attacks. How good or bad is this idea? Will this give way to easy phishing scams?
Why is everybody talking about this now?
Online, Mike brought up the subject of security rockstar culture and specifically pointed out that this comes from the security staff playing offense vs. the ones playing defense, who really need a team behind them to be effective. We look at the difference between a healthy leading voice in security vs. a “look at me” security rockstar.
It’s time to play, “What’s Worse?!”
Two rounds, and Mike spends a lot of time debating the first one.
Ask a CISO
Brad Green of ObserveIT asks, “Do CISOs pay attention to competitive market conditions of different vendors?”
Are you aware of what’s going on and what impact do analysts have?
What do you think of this pitch?
Two pitches to critique. Lots of insight.