So many breaches happen through ports of known vulnerabilities. What is the organizational vulnerability in vulnerability management? Check out this post and discussion and this one for the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the…
Latest stories
Best Advice to Overcome Vulnerability Management Concerns
We’ve been concerning ourselves with vulnerability management lately. And so after publishing “25 Tips to Reduce the Frustration of Vulnerability Management” and a post by Allan Alford, CISO of Mitel, I culled the best responses to make this video in…
I’m Humbled to Tell You About My Prestigious Award
I’m not exactly sure what “humbling” means, but I’m going to use it to hopefully soften my braggadocio announcement. We discuss semantics and when it’s OK to boast your accomplishments on this week’s episode of CISO/Security Vendor Relationship Podcast. This…
Defense in Depth: Privileged Access Management (PAM)
Where does privileged access management (PAM) fit in the order of operations? Check out this post and discussion and this one for the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX), CISO…
WEBINAR: What Every Security Practitioner Needs to Know about Security Sales
In the CISO Series’ ongoing effort to reduce frustration between buyers and sellers of security products, I’ll be moderating a round table discussion where we look under the hood of the security sales process. WHEN: Friday, April 26th, 2019 at…
No Shirt. No Security. No Merger.
Sure, we’d like to merge with your company but geez, have you looked at your security posture lately? Uggh. I don’t know if I could be seen in public with your kind let alone acquire your type. We’re wary as…
Defense in Depth: Machine Learning Failures
Is garbage in, garbage out the reason for machine learning failures? Or is there more to the equation? Check out this post and discussion for the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO…
Garbage In, Garbage Out is NOT Why Machine Learning Fails
At the RSA 2019 Conference I spoke with Davi Ottenheimer (@daviottenheimer), product security at MongoDB, about where and why machine learning falls short. One might assume garbage in, garbage out, but who determines what’s garbage and what’s not can greatly…
All Aboard the 5G Paranoia Train
We’re getting excited and stressed out about the impending 5G network that appears will control our lives and all our cities. Will it be as exciting, productive, and lacking of security protocols as we expect? We discuss that and more…
How Much Damage Can the Network at a Hacker Conference Take?
For a normal organization, it would be a year’s worth of malicious traffic. At the Black Hat conference, their network sees the same in about two days. That’s what Neil “Grifter” Wyler (@Grifter801) said about the network behavior he sees…