CISO Series Podcast

You Can’t Leak What You Don’t Collect

12 snips

May 21, 2024

Jeremiah Roe, Advisory CISO at OffSec, discusses data minimization as a regulatory imperative in the US and its impact on the industry. The podcast highlights challenges for CISOs in preparing for compliance and explores the importance of upskilling cybersecurity talent through training programs like red team and blue team training offered by OffSec.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ADVICE

Prepare for Data Minimization Laws

The Maryland Online Data Privacy Act requires companies to minimize data collection.
CISOs should prepare for similar laws by focusing on data minimization strategies.

INSIGHT

Data Minimization: Consumer Benefit vs. Business Challenge

Data minimization benefits consumers but poses challenges for businesses accustomed to data commodification.
It requires re-engineering data ingestion, which involves costs and effort.

INSIGHT

Detection Engineering Improvements

Detection engineering is improving due to new cybersecurity laws, SISA's formation, and NIST's updated framework.
These changes are driven by increasing business risk and cybercrime costs.

Get the Snipd Podcast app to discover more snips from this episode