Here are six and a half minutes of the best moments of “Hacking Automation” CISO Series Video Chat held on Friday, 07-24-20.
To watch the entire video, go here.
Joining me, this video features
- Eoin Keary (@eoinkeary), CEO, edgescan
- Jimmy Sanders (@jfireluv), head of information security, Netflix DVD
Got feedback? Join the conversation on LinkedIn.
Thanks to our sponsor, Edgescan
Winner of “Best Bad Idea”
We had a whopping 34 bad ideas during our “Hacking Automation” session.
Other notable bad ideas include:
“Automate your performance review and your salary adjustments” – Eli Migdal, CEO, Boardish
“Automate the podcast moderator function.” – Shawn M. Bowen, CISO, Restaurant Brands International
“To train your automation, after each iteration ask ‘Was this output useful?’ and you have a drinking bird toy that randomly pecks ‘Y’ or ‘N'” – Dutch Schwartz (Again!), strategic lead, AWS Global Security Services Team, AWS
“Automate all processes unconditionally, then question the automation after the fact.” – Ian Poynter, security consultant
Best quotes from the chat room
“Be careful when automating a bad process, you might be creating more waste, start with a lean assessment…” – Diego Santana, cyber security operations manager, Schlumberger
“Automation SHOULD = augmentation… It’s a tool to help us, not replace us.” – Caroline Saxon, director, cyber governance, Global Payments
“Anomaly and heuristic detection is the only way to see sophisticated toolkits which is where any good attacker has already went.” – Tyler Robinson, managing director of network operations, Nisos
“Any model needs thresholds and periodic re-evaluation.” – Chris Patteson, executive director, risk transformation office, RSA
“You can’t automate something that has a lot of subjectivity or requires creativity. So, I wouldn’t automate phishing assessments to all employees. I would make that decision based on human risk, behavior to be tested, and specific roles within an organization.” – Juliet Okafor, CEO, RevolutionCyber
“I think automation is a repetitive task, orchestration is the ‘automation’ of a series of ‘microautomation’s’ based on some sort of context.” – Shawn M. Bowen, CISO, Restaurant Brand International
“I think we use ‘orchestration’ because it usually involves a variety of disparate tools that need to be coordinated.” – Cody Wamsley, cybersecurity & privacy associate, Dorsey & Whitney