Defense in Depth

How Must Processes Change to Reduce Risk?

Jun 1, 2023

The podcast discusses the need to fix processes to reduce risk and vulnerabilities. They focus on communication, collaboration, and motivation within a company. They highlight the importance of treating security as part of the enterprise risk program. They explore strategies for driving behavior change and motivating individuals. They also discuss different types of people in solving security problems and prioritizing vulnerabilities. The hosts share their favorite quotes and emphasize the importance of collaboration and addressing technical debt.

28:47

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Improving process, communication, and motivation across all departments is crucial to reducing risk and vulnerabilities in organizations.

Motivating employees to address vulnerabilities requires focusing on business risks, providing clear understanding of risks, and offering incentives for action.

Deep dives

Improving Processes and Communication to Reduce Risk

To truly reduce risk and vulnerabilities, it is important to improve process, communication, and motivation across all departments. This means recognizing that vulnerability management is not just a technical matter for IT and security, but a business risk reduction issue that involves each department. The key is to foster a risk-focused conversation and not solely rely on risk as a stick but instead enable the business processes that risk aims to improve. By reframing the conversation in terms of business impact analysis and understanding why people care, organizations can make progress in reducing risks.

Introduction

2min

The Split Between Technical, Risk, and Business Focus

2min

Shifting the Conversation: From Technical to Business Risk

5min

Motivation, Processes, and Risk: Driving Behavior Change in Security

5min

Different Types of People and Prioritizing Vulnerabilities

11min

Favorite Quotes and Meeting People Where They Are

3min

All links and images for this episode can be found on CISO Series.

What do we need to do to fix our processes to truly reduce risk and vulnerabilities?

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our sponsored guest is Amad Fida (@brinqa), CEO, Brinqa.

Thanks to our podcast sponsor, Brinqa

Understand your cyber assets, prioritize vulnerabilities, automate remediation, and continuously monitor cyber hygiene across the entire attack surface — infrastructure, applications and cloud — with Brinqa. See how at brinqa.com.

In this episode:

What do we need to do to fix our processes to truly reduce risk and vulnerabilities?
How to work with all departments to improve process, communication, and motivation?
Why does security need to be treated as a function of the enterprise risk program?
What are the elements that make a great solution?

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Defense in Depth

How Must Processes Change to Reduce Risk?

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Improving Processes and Communication to Reduce Risk

Motivation and Actionable Measures

Understanding the Business Context and Priorities

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Defense in Depth

How Must Processes Change to Reduce Risk?

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Improving Processes and Communication to Reduce Risk

Motivation and Actionable Measures

Understanding the Business Context and Priorities

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights