Defense in Depth

In this episode, Jay Wilson joins the hosts to discuss the nonexistence of entry-level jobs in cybersecurity. They explore the reasons behind this contradiction and how job candidates can creatively gain experience to break into the industry. The importance of stories and personal growth in convincing potential employers is highlighted, along with the responsibility of industry professionals to help newcomers. The chapter also discusses the hiring process, networking, and the need for cybersecurity professionals to care about the businesses they protect.

Jamil Farshchi, CISO at Equifax, discusses the new SEC rules for cybersecurity and their implications for CISOs. They explore the potential effects on cybersecurity, the importance of transparency and measuring risk, and the need for bidirectional context between cybersecurity and the business stakeholders.

Guest Lee Parri joins the hosts to discuss the value of RSA, Black Hat, and Mega Cyber Tradeshows. They explore the economic value for CISOs attending trade shows like RSA and the industry gravity these events have. They also debate the significance and benefits of major cybersecurity corporations sponsoring and having a presence at security conferences. Additionally, they discuss the location of the RSA conference, the value of attending RSA, and the available cybersecurity slots and stickers at conferences.

Exploring the impact of remote work on cybersecurity, the podcast discusses worker preferences, the motives behind returning to the office, and the benefits of access to talent. It also highlights the importance of flexibility, community, and trust in remote work, as well as the challenges of building culture in a virtual environment.

This podcast discusses the challenges of managing users' desires for new technology, particularly focusing on generative AI. The speakers explore the need to adapt and apply previous lessons learned, the risks and mitigation strategies associated with adopting new technology, the importance of managing user desires and ensuring visibility, adhering to rules and protecting data, and the significance of continuous learning in cybersecurity.

Caitlin Sarian, popular cybersecurity TikToker, joins the hosts to discuss common cybersecurity questions. They cover topics such as online safety for children, phishing prevention, smartphone security, data breaches, and digital footprint. The importance of control and choice in online privacy is explored, as well as the need for clear guidance on user safety. They also discuss the importance of cybersecurity education and support structures for everyday users.

The podcast discusses the challenges and solutions of ingesting data into data lakes, the power and complexity of data lakes, extracting value from a data lake, using data lakes for security, the importance of data collection and linking, and the significance of prioritizing data quality in a data lake.

The podcast discusses the challenges of executing a threat intelligence program successfully, including planning and setting expectations. They also highlight the importance of data and actionable intelligence, as well as the evolution of threat intelligence programs and the shift towards a strategic and predictive approach. The episode touches on the role of evidence in identifying threats and mentions the future potential of generative AI in security.

Security leaders discuss strategies for managing intense stress during incidents, particularly during the SolarWinds incident. They explore the toll it takes on their well-being, the challenges of managing stress within teams, and the importance of support from the community. Strategies for coping with stress, addressing security risks with shadow SaaS apps, building support networks, and challenges in incident management training are also discussed.

Explore the methods to make employees more security conscious and aware. Discuss the importance of a security mindset practiced by senior leadership. Emphasize personalized cybersecurity education and the value of prioritizing collective security. Highlight the importance of trust and respect in cybersecurity.