Highlights from “Hacking the Crown Jewels” – CISO Series Video Chat

Here are the highlights from “Hacking the Crown Jewels: An hour of understanding what data you have, what’s REALLY important, where it resides, and who’s accessing it and when”.

Featuring David Spark, producer of CISO Series, Kate Kuehn (@KateKuehn), svp, vArmour, and Ramy Houssaini (@ramihoussaini) – chief cyber and technology risk officer and group privacy officer, BNP Paribas.

Read the best bad ideas, best quotes from the chat room, and the full video of the entire video chat.

Huge thanks to our sponsors, vArmour and Okera

Got feedback? Join the conversation on LinkedIn.

Best Bad Ideas

An impressive 72 bad ideas for this CISO Series Video Chat, but Larry Rosen, manager/security architect, GBQ Partners takes top prize for best bad idea. Other honorable mentions go to:

“Don’t label or categorize anything. When it shows up on the Dark Web, you’ll know what others have identified as your crown jewels.” – Andrew Aken, zero trust lead technical architect, Twitter

“Pretend you don’t have crown jewels and that your organization is in a completely commoditized market competing on price alone.” – Brad Green, Cortex XDR systems engineer, Palo Alto Networks

“Give root access to your crown jewels to the first vendor who says “I could have prevented the recent widespread attack.” – Dutch Schwartz, strategic lead, AWS Global Security Services Team, AWS

“Get a literal crown of jewels and display it in a locked case in your company’s front lobby, but secretly hiding all the company’s data in the pedestal that is actually an air gapped computer.” – Shawn Bowen, CISO, Restaurant Brands International

“Identify Crown Jewels by committee… Each day data is sent to all employees and whatever is voted most important is the Crown Jewels for the day.” – Matthew Thomson, principal consultant, security, Skyline Technologies

“Combine Crown Jewels and honeypots to save on the IT budget.” – Scott Sheahan, product cybersecurity engineer, Aptiv

“Store your crown jewels on a mobile drive.  Fill a giant Claw Game with drives and place in your lobby. For $1 each visitor gets a chance to win your Crown Jewel drive.” – Dutch Schwartz, strategic lead, AWS Global Security Services Team, AWS

Best quotes from the chat room

“Zero Trust can work well if you’re building a brand new enterprise, for a start.” – Ian Poynter, consultant

“Maybe people are afraid to KNOW what the liability is because they fear not being able to protect or govern it?” – John Marchese, vp, global alliances & partner sales channels, Okera

David Spark
David Spark is the founder of CISO Series where he produces and co-hosts many of the shows. Spark is a veteran tech journalist having appeared in dozens of media outlets for almost three decades.