Mon, 21 January 2019
CISO/Security Vendor Relationship Podcast and Series is available at CISOSeries.com.
We don't have to make our software any simpler to use. You just need to get smart enough to use it. We're all attitude on the latest episode of the CISO/Security Vendor Relationship Podcast.
This show, like all the previous ones is hosted by me, David Spark (@dspark), founder of Spark Media Solutions and Mike Johnson, CISO of Lyft. Our sponsored guest this week is Mike Nichols (@hmikenichols), VP of product at Endgame.
Endgame makes nation-state grade protection as easy as anti-virus. Their converged endpoint security platform is transforming security programs - their people, processes and technology - with the most powerful endpoint protection and simplest user experience, ensuring analysts of any skill level can stop targeted attacks before damage and loss. To learn more visit www.endgame.com. Endgame will be at RSA this year in booth 1827 in the south hall.
On this episode
How CISOs are digesting the latest security news
Is this yet ANOTHER security breach? A massive document of usernames and passwords. These are all available in text files, pretty much for anyone to see. We're not sure, but this may be a collection of usernames and passwords from historical hacks, but it's not clear. Most of us have potentially more than a hundred usernames and passwords. How are we supposed to go through all our accounts and change them all? Can we slap 2FA on top of everything? What should be the best reaction to this kind of news?
Hey, you're a CISO, what's your take on this?'
In the area of user experience, B2B software seems neglected. All the wonderful usability goes to consumer apps, because everybody needs to be able to use them. But B2B software can cut corners and add extra layers for usability because heck, these people are experts, they're hired to do this job. They should know what they're doing. But that type of thinking is hurting the industry as a whole.
We've got a scenario of two CISOs with two different companies. Which one has the worst security posture?
Please, Enough. No, More.
Our topic is endpoint protection. We talk about we've heard enough about on endpoint protection, and what we'd like to hear a lot more. Endgame's machine learning engine, Ember, is open source.
What's a CISO to do?
Why is it so difficult to hire InfoSec professionals? Is there not enough skills, not enough people interested, tough to hire diversity, way too competitive environment, or is it the nature of the recruiting industry itself?