Defense in Depth: How Do You Know if You’re Good at Security

What metrics or indicators signal to you that an organization is “good at security”?

Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, guest co-host Geoff Belknap (@geoffbelknap), CISO, LinkedIn, and our guest Justin Berman (@justinmberman), former CISO, Dropbox.

Thanks to this week’s podcast sponsor, Imperva

Face it, your data is everywhere! Imperva Data Security unifies compliance, security and privacy needs for any data store while saving you time and money. No matter where data lives, get confidence about what is happening with data, where it’s stored and who’s accessing it. Start a free trial now.

Got feedback? Join the conversation on LinkedIn.

In this episode

  • How do go about measuring risk
  • Assessing the ratio of critical/high severity issues to issues closed
  • The difference between a reactive or proactive threat management policy

Defense in Depth

David Spark
David Spark is the founder of CISO Series where he produces and co-hosts many of the shows. Spark is a veteran tech journalist having appeared in dozens of media outlets for almost three decades.