Defense in Depth

Defense in Depth: Shared Accounts

As bad as all security professionals know them to be, shared accounts are a fact in the business world. They still linger, and from an operational...

Defense in Depth: Bug Bounties

What is the successful formula for a bug bounty program? Should it be run internally, by a third party, or should you open it...

Defense in Depth: Data Classification

The more data we hoard, the less useful any of it becomes, and the more risk we carry. If we got rid of data,...

Defense in Depth: Prevention vs. Detection and Containment

We agree that preventing a cyber attack is better than detection and containment. Then why are the overwhelming majority of us doing detection and...

Defense in Depth: Asset Valuation

What's the value of your assets? Do you even understand what they are to you or to a criminal looking to steal them? Do...

Defense in Depth: DevSecOps

We know that security plays a role in DevOps, but we've been having a hard time inserting ourselves in the conversation and in the...

Defense in Depth: Fix Security Problems with What You’ve Got

Stop buying security products. You probably have enough. You're just not using them to their full potential. Dig into what you've got and build...

Defense in Depth: Should Risk Lead GRC?

Defining risk for the business. Is that where a governance, risk, and compliance effort should begin? How does risk inform the other two, or...

Defense in Depth: Responsible Disclosure

Security researchers and hackers find vulnerabilities. What's their responsibility in disclosure? What about the vendors when they hear the vulnerabilities? And do journalists have...

Defense in Depth: Internet of Things

When Internet of Things or IoT devices first came onto the market, security wasn't even a thought, let alone an afterthought. Now we're flooded...

Defense in Depth: Is Governance the Most Important Part of GRC?

Your policy should rarely change. But your ability to achieve that policy is found in procedures or governance that should inform, steer, and guide...

Defense in Depth: Who Should the CISO Report To?

Who should the CISO report to? What factors determine that decision? And why is that single decision so critical to a company's overall security? Check...

Defense in Depth: Hybrid Cloud

The consistency of your security program becomes a challenge once you introduce the cloud. Controls and visibility are not necessarily transferable. How do you...

Defense in Depth: CISO Tenure

The CISO has the shortest tenure of any C-level role. Why so brief? Is it the pressure, the responsibility, the opportunities, or all of...

Defense in Depth: Toxic Security Teams

There's an endless number of variables that contribute to creating a toxic security team. How does it happen, and what are ways to manage...