Defense in Depth

Exploring the high cost of blue team training compared to free red team education, discussing the impact on cybersecurity talent shortage. Highlighting the importance of self-learning and versatile tools in cybersecurity defense. Emphasizing the need for collaboration between red and blue teams, and the evolving threats in the cybersecurity landscape.

Exploring the absence of CISOs in executive leadership, challenges faced by CISOs in Fortune 100 companies, importance of clear guidelines and compliance, CISOs' role in disclosure decision-making post-security breaches, and contrasting perspectives on privacy and security prioritization.

Exploring the limitations of consolidating data from various sources with a single pane of glass concept. Discussing the challenges of centralized data analysis in cybersecurity operations. Introduction of Query Federated Search as a solution for managing security data sources. Emphasizing the importance of understanding and leveraging security data efficiently in SOC operations.

The podcast discusses the balance between data being an asset and a liability for organizations, the risks of data collection, and the importance of data minimization. It explores privacy laws, lawsuits targeting tech companies, and ethical considerations surrounding data collection. The Electronic Frontier Foundation emphasizes the significance of minimizing data collection upfront for better privacy and security.

Adam Koblentz, field CTO at Reveal Security, discusses monitoring anomalous behavior of users, understanding threat actors in networks, and the role of AI-based tools. They highlight the importance of context in anomaly detection, tracking past activities, and strong multifactor authentication. The chapter emphasizes the significance of anomaly detection and user profiling, with a mention of sponsor Reveal Security as a helpful resource.

Guest Mike Levin, deputy CISO, 3M, discusses the challenges faced by cybersecurity startups, including understanding the market and customer needs. The importance of integration and coexistence of cybersecurity products with existing ones is emphasized. Incorporating customer feedback and listening to the market are key to building a successful cybersecurity startup.

Derek Fisher, Executive director of product security at JPMorgan, discusses the significance of compliance in a security program and the need to go beyond minimum standards. The podcast explores the difference between compliance and security, emphasizing compliance as the minimum viable security. It also highlights the importance of compliance in the banking industry and the collaboration within the security industry. The episode concludes with a mention of sponsor Reveal Security and a discussion about the benefits of LinkedIn.

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our guest, Alexandra Landegger, Executive Director and CISO, Collins Aerospace. In this episode: Why do mergers and acquisitions always present challenges to an organization? When it comes to cybersecurity, how involved should a CISO be before AND after an acquisition? Can cybersecurity considerations make or break a deal? What skills did you find yourself flexing with your first M&A experience? Thanks to our podcast sponsor, Aphinia! Join Aphinia, a professional tribe of superheroes fighting cybercriminals. If you are a CISO, VP or a Director of cybersecurity, get instant free access to thousands of your peers, career advice, networking opportunities, consulting gigs and more. Join the good guys' team because the only way to succeed is together: https://aphinia.com/#signup_form

Guest Richard Ford, CTO of Praetorian, challenges the misconception of red teaming as mere validation, emphasizing its value in strengthening organizations. They discuss conducting red teaming early in the project lifecycle, explore different perspectives and value of red teaming, and redefine it as a proactive tool. The chapter also highlights the importance of aligning definitions and repositioning red teams under the SOC for better defense posture.

Adam Glick, CISO, PSG, discusses successful vendor outreach to CISOs, the negative impact of spamming, building trust in vendor relationships, understanding the role of a CISO, and emphasizing the importance of forming connections and building trust in the cybersecurity industry.