Here are the highlights from the “Hacking Zero Budget Security” video chat. To watch the full video and read the chat, go here.
I moderated the discussion with:
- Matthew Southworth (@bronx), CISO, Priceline
- Justin Berman (@justinmberman), head of security, Dropbox
- Plus, David Roth (@DavidBrianRoth), vp, Trend Micro
Winner of the best bad idea
We had a total of 15 bad ideas during this video chat. The winner is Ian Poynter, whose bad idea also got the most votes: “Let’s fire all the security people and have DevOps do it all.”
Honorable mention also goes to Eli Migdal, CEO, Boardish, for a suggestion that he’s actually witnessed: “Get your most medium level engineer to build the most critical system 2-3 years before their retirement.”
Plus, a tip of the hat to the bad idea from David Lagace, sr. manager, InfoSec, Telecon: “Install any and all security scripts & software as soon as they come out and especially if they’re from unverified git repos. Many tools will make sure you’re protected!”
Got feedback? Join the conversation on LinkedIn.
Huge thanks to our video chat sponsor, Trend Micro
Great resources from Trend Micro
- East Coast Security Dev Day + Threat Defense Challenge – includes free “Think like the Hacker” workshop – June 26, 2020
- Cloud security knowledge base
- Ransomware tools
- Phish insights
- Security assessment tool
Best quotes from the chat room
“I have seen so many ‘zero budget tools’ that are so costly in human hours, both to install and then to manage and then usually to fix and ‘find a better’ solution; in our field ‘human cost’ is more expensive in many cases than ‘tool cost’.” – Eli Migdal, CEO, Boardish
“I’ve seen bloated security departments. Often it’s folks maintaining stopgap solutions that aren’t ideal. The resistance to replacing the stopgap solutions with something more efficient comes from the fact that it would eliminate those jobs.” – Rick Woodward, senior InfoSec analyst, Dominion Energy
“Similarity helps you go fast; diversity helps you go far.” – Bryn Ossa, product evangelist, Elevate Security
Follow us on Crowdcast
For as long as we can handle it, our video chats will be happening every Friday at 10 AM Pacific/1 PM Eastern. Please follow us on Crowdcast to be alerted the moment a video chat goes live.