Here’s a six minute highlights video of CISO Series Video Chat “Hacking Distractions: An hour of critical thinking of what we should stop paying attention to in security.”

Our guests for this discussion were:

Watch the full video

Got feedback? Join the conversation on LinkedIn.

HUGE thanks to our sponsor Keyavi Data

Our Keyavi breaks new ground by making data itself intelligent and self-aware, so that it stays under its owner’s control and protects itself immediately, no matter where it is or who is attempting access. Keyavi is led by a team of renowned data security, encryption, and cyber forensics experts. See for yourself at keyavidata.com.

Best Bad Ideas

Congratulations to Kevin Hakanson, sr. solutions architect, AWS for winning this week’s Best Bad Ideas!

Other honorable mentions go to:

“Lock your SOC team into a socially distanced windowless blank void of a room with only linux workstations and Amazon pee bottles and no cell phones so that they can focus only on the IOCs” – Andrew Aken, zero trust lead technical architect, Twitter

“Imagine a world where everyone defaults meetings to 1 hour long, and everyone is half paying attention while responding to email and text messages and, invariably, a decision gets made in the 59th minute, leaving people with no time to document outcomes/next steps (which will soon be forgotten), no bathroom break before dialing in 5 mins late for their next meeting. Oh sorry, that is the world we live in…. but it doesn’t make it any less of a bad idea!” – Sean Kelly, manager – enterprise information risk assurance, BlueCross BlueShield of Western New York

“Give all your analysts meth to make them hyper-focused” – John Prokap, leader, IT security & compliance, Success Academy Charter Schools

“Send email to whole organization asking for everyone’s input on your security alerts, vulnerability scans and risk findings/remediation’s items for their input on next steps.” – Mathew Biby, CISO, Satcom Direct

Good Strategies

“Talk to your key business leaders. Make sure they are part of the solution and help you prioritize.” – Joshua Scott, head of information security & IT, Postman

“Collapse your tool landscape instead of constantly expanding it.” – Mike Wilkes, CISO, SecurityScorecard

“Model the threats. Prioritize. Focus on key threats first.” – Jakub Kaluzny, senior IT security consultant, SecuRing

“Make goals/objectives explicit and prioritize accordingly. Communicate those to all team members and other department heads. Then act as a “human firewall” between the org. and your personnel to provide them time and resources to accomplish.” – Brian Colt, IT administrator, Dash

“Dedicate one Friday a month to no meetings and learning something new so that you are giving your team time to evolve as the threat landscape evolves rather than always being reactionary.” – Samantha Phillips, VP sales strategic accounts, Yubico

“Focus on outcomes, rather than specific solutions.” – Joshua Scott, head of information security & IT, Postman

Best quotes from the chatroom

“If you are executing on the “fundamentals” you are less likely to be distracted by other things (0-days, etc.).” – Mathew Biby, CISO, Satcom Direct

“In some instances, we security folks are the one creating the biggest distractions focusing too much on 100% security rather than “good enough”.” – Mathew Biby, CISO, Satcom Direct