Do Breaches Happen Because the Tool Fails, or the Tool Was Poorly Configured?

All links and images for this episode can be found on CISO Series.

Security tools are supposed to do a job. Either they need to alert you, protect you, or remediate an issue. But they don't always work and that's why we have breaches. Who's at fault, the tool or the administrators who configured the tool?

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. We welcome our guest Kenneth Foster (@Kennethrfoster1), vp of IT governance, risk and compliance at FLEETCOR.

Thanks to our podcast sponsor, AppOmni

Do you know which 3rd party apps are connected to your SaaS platforms? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. Get visibility to all 3rd party apps — and their level of data access — with AppOmni. Visit AppOmni.com to request a free risk assessment.

In this episode:

• Why do security tools fail?
• Who's at fault, the tool or the administrators who configured the tool?
• Is it usually because the control is ineffective or was the control misconfigured / ignored?
• Do InfoSec produts have an efficacy issue or an implementation issue?