Here are the highlights from last Friday’s [10-23-20] CISO Series Video Chat: “Hacking Build vs. Buy Automation: An hour of critical thinking on the ongoing security decision.”
Joining me for this discussion were Scott Eigenhuis, head of security, Helix Chas Ballew, CEO, Aptible.
We also had appearances by Joe McManus, CISO, Drizly, Allan Alford, co-host, Defense in Depth, and Siva Inguva, information security, FinancialForce.
Got feedback? Join the conversation on LinkedIn.
Huge thanks to our video chat sponsor Aptible.
Best Bad Ideas
We had an impressive 43 bad ideas. Allan Alford took the top prize, but there were a couple more honorable mentions.
“Hire the design engineers for Ikea instructions to design your decision-tree for build vs buy.” – Dutch Schwartz, strategic lead, AWS Global Security Services team, AWS
“Create a grid for each build/buy item; Layout that grid in a cow pasture; Buy where the cows poop.” – Steven Tatem, IT security, Aspen Dental
Best quotes from the chat room
“Many times it is not just about can you build a tool that solves a specific problem. People forget about building in enterprise readiness features that make the capability scalable and secure.” – Carl Wright, chief commercial officer, AttackIQ
“I would like to live in a world where Sec didn’t need it’s own label. I would also like that world to have Star Trek transporters. I believe both are possible, with LOTS of work and determination.” – Steven Tatem, IT security, Aspen Dental
“It is far to easy to spend too many cycles trying to automate for the sake of automation rather than automating to bring about efficiency gains.” – Mathew Biby, CISO, Satcom Direct
“A past colleague of mine used to say ‘You can automate everything, including failure.'” – Rebecca Mendenhall, sr. manager, demand generation, Aptible
“Manage your automation as products, either build them as opensource projects or treat them as first-class products. Small-scale automation should be part of the job description for all IT jobs.” – Ahsan Mir, CEO, Rapticore