I got a chance to talk with David Raviv, founder of the NY Information Security Meetup Group (@NYInfoSecurity) about our upcoming partnership and production of the CISO/Security Vendor Relationship Podcast in NYC on September 5th, 2019. In this video he…
Latest stories
Defense in Depth: 100% Security
100% Security. A great idea that’s impossible to achieve. Regardless, CEOs are still asking for it. How should security people respond and we’ll discuss the philosophical implications of 100% security. Check out this post for the discussion that is the…
Like Fine Wine Our Vendor BS Meter Gets Better with Age
The bouquet of this particular vendor BS is a mixture of FUD, unnecessary urgency, and a hint of pecan. Look to your left and grab the spittoon because we don’t expect everyone to swallow what you’re about to hear on…
What Does Trust Mean in Security? – Black Hat 2019
Security is about trust, but there are oh so many definitions of trust as evidenced by my interviews at Black Hat 2019 in Las Vegas. We barely scratched the surface of this subject, but all the varied answers gives you…
Defense in Depth Wants Trending InfoSec Topics
The co-hosts of the Defense in Depth podcast, myself and Allan Alford, recorded this video from Black Hat 2019 explaining the editorial model of our show and why we’re imploring listeners to send in hot and trending topics in InfoSec.…
Defense in Depth: Proactive Security
How proactive should we be about security? What’s the value of threat intelligence vs. just having security programs in place with no knowledge of what attackers are trying to do? Check out this post for the discussion that is the…
REGISTER for CISO/Security Vendor Relationship Podcast Live in NYC 9/5/19
The CISO/Security Vendor Relationship Podcast returns to NYC for a live recording this September. This recording in front of a live audience will be co-hosted by me, David Spark (@dspark), producer of CISO Series, and special guest co-host Betsy Bevilacqua…
If Capital One Listened to Our Podcast They Still Would Have Been Breached
We guarantee listening to our show would have done absolutely nothing to prevent the Capital One breach. We’ve consulted our lawyers and we feel confident about making that claim. It’s all coming up on this week’s episode of CISO/Security Vendor…
Black Hat 2019: THANKS to Fans from Mike and David of CISO/Security Vendor Relationship Podcast
Just a quick video from me and Mike Johnson, co-hosts of the CISO/Security Vendor Relationship Podcast, thanking fans for coming up to us and showing their appreciation for the podcasts. Thank you so much. As I have said many times…
Defense in Depth: ATT&CK Matrix
Is the ATT&CK Matrix the best model to build resiliency in your security team? What is the best way to take advantage of the ATT&CK framework and how do you square away conflicting data coming in from your tools. What…