Defense in Depth

CEO Shirley Salzman from SeeMetrics discusses the purpose of metrics in storytelling, answering business questions, and effective communication. Experts touch on efficiency, challenges in security metrics, contrasting security mindsets, and tackling ransomware attacks. The importance of continuous monitoring, dynamic dashboards, and risk tolerance in security metrics are highlighted, along with a promotion for cybersecurity templates and metrics solutions by Cmetrix.

CEO of Push Security, Adam Bateman, discusses securing identities in the cloud. Topics include common security mistakes, importance of understanding identities and single sign-on, challenges in identity implementations, monitoring unused permissions, and building tools for flagging risky behavior.

Lamont Orange, CISO at Cyera, discusses the importance of data security within the Defense in Depth strategy, emphasizing automation and knowing what to protect. They explore how Cyera's AI-powered platform provides visibility, risk context, and actionable guidance for data security in various environments.

Tomer Gershoni, CSO at Zoominfo, discusses moving beyond technology, the art of a CISO, always operating in context, and elevating the CISO conversation. The podcast emphasizes aligning security with business objectives, evolving CISO roles towards business orientation, and focusing on cybersecurity for business continuity.

Neil Watkins, SVP technology and cybersecurity services at i3 Verticals, discusses the importance of visibility in cybersecurity, emphasizing the need for practical guidance and remediation solutions. The conversation explores challenges in managing cybersecurity incidents, advocating for self-healing systems and collaboration within the industry.

Sasha Pereira, VP of Infrastructure and CISO at WASH, discusses the value of entry-level cybersecurity skills gained from working at the help desk. Topics include the overlooked nature of help desk experience, the ideal path to break into cybersecurity, and the importance of empathy and understanding business operations in the field.

Russ Ayers, SVP of Cyber and Deputy CISO at Equifax, dives into the rising threat of deepfakes and their implications for security. He discusses how AI is blurring the lines between real and fake, creating challenges for identity verification. The conversation highlights the need for advanced detection methods and the creation of new roles like ‘Reality Auditor.’ Russ emphasizes the urgent importance of re-establishing trust in communication as deepfake technology alters our perceptions and legal standards.

Vivek Ramachandran, Founder of SquareX, discusses the effectiveness of Secure Web Gateways in the modern enterprise. Topics include challenges in adapting to browser evolution, the need for better solutions, and the role of SquareX in detecting and mitigating web attacks in real-time.

Richard Stiennon, Chief research analyst, IT-Harvest, discusses the hype and challenges of zero-trust solutions in cybersecurity. They delve into defining zero trust accurately, highlighting the importance of transparency. The podcast explores the risks of vendor dependency and the need for innovative frameworks in cybersecurity product selection.

Sandy Bird, Co-founder and CTO of Sonrai Security, joins the podcast to discuss the challenges of scaling least privilege in the cloud. Topics include automating identity security, optimizing cloud access control, and the evolution of attribute-based access control. Discover the importance of just-in-time access permissions and prioritizing assets for enhanced security.