BSW #154
Ward Cobleigh is the Sr. Product Manager at VIAVI Solutions. In a very recent study, 65% of responding organizations reported a shortage of cybersecurity staff, with a lack of skilled or experienced security personnel their number one workplace concern (36%). To help fill this void, there is a very real and still growing need to cross-train existing professionals and teams whenever possible. How achievable is this goal? Can we really take the typical NetOps skillset, combine it with the data sources that are typically available to them, and apply this to the SecOps skills gap? This Business Security Week Podcast will answer these questions and include a demonstration of how a performance analysis platform can be used to quickly and efficiently identify threats.
To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi
Visit https://www.securityweekly.com/bsw for all the latest episodes!
To learn more about our sponsors visit: The Security Weekly Sponsor’s Page
Bringing NetOps Into The Threat Hunt
Segment Resources:
- Below are additional resources related to our topic. These can be used by the hosts for background information. We will have these available on our landing page https://viavisolutions.com/securityweekly
- SANS OnDemand Webinar Recording: https://comms.viavisolutions.com/lp-cmp?cp=vi101475&th=std&lang=en
Blogs:
- 3 Lessons Learned from the Capital One Cyberattack – Listen to Your Data Sources
- What the NASA Cyberattack Teaches Us About Simple Technologies and Advanced Threats
- Not a Fish Story: Tackle the Reel Network Security Issues
Hosts
 Jason Albuquerque – CIO & CSO |
 Matt Alderman – CEO |
 Paul Asadoorian – Founder & CTO |
Guests
 Ward Cobleigh – Sr Product Manager |
Announcements
- We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand
Companies Need to Rethink What Cybersecurity Leadership Is, What Companies That Are Good at Innovation Get Right, Staff in smaller businesses bogged down by poor communications, Why You Should Be Sending More Video Emails … And How To Record Them, Enterprises muddled over cloud security responsibilities, and Top tech conferences to attend in 2020.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
To learn more about our sponsors visit: The Security Weekly Sponsor’s Page
Leadership Articles
- Companies Need to Rethink What Cybersecurity Leadership Is – For businesses today, cyber risk is everywhere. Yet for all the investments , companies are still struggling to make cybersecurity a vibrant, proactive part of strategy, operations, and culture. The root cause is twofold: (1) Cybersecurity is treated as a back-office job and (2) most cyber leaders are ill-equipped to exert strategic influence. Here’s a framework for what business leaders must do to spur cybersecurity success:
- Set your intent with cybersecurity strategy
- Position the cybersecurity function to have influence
- Get the right cyber leader for your needs
- What Companies That Are Good at Innovation Get Right – Innovation labs, technology scouting outposts, and accelerator programs to invest in startups have become ubiquitous in large companies. Yet, in some companies, all of that activity adds up to nothing more than “innovation theater.” But for the ones who get it right, here’s what they do:
- They hone their focus
- They collaborate with key internal partners
- They staff appropriately
- They design incentive system
- They monitor impact
- They move beyond culture clashes
- Staff in smaller businesses bogged down by poor communications – Inadequate communications between senior management and staff in small to medium-sized enterprises is leading to poor decision-making.
- Why You Should Be Sending More Video Emails … And How To Record Them – Humans have been speaking to each other face-to-face for more than 150,000 years! In today’s digital age we are sending more and more emails, and speaking to each other less and less. Here’s a video email guide:
- Know When to Send a Video Email
- Build Your Confidence
- Get Your Gear (way less than you think)
- Nail Your First Impression
- Don’t use a script!
- Talk to one person
- Lighting: Know where it is
- Practice, practice, practice to build confidence and success
- Enterprises muddled over cloud security responsibilities – Miscommunication in enterprises was identified as a major factor in cloud-native security breaches. There is a diverse range of views about who should take responsibility…
- Top tech conferences to attend in 2020 – For the CISOs:
- Suits & Spooks DC, Feb. 6-7, Washington D.C.
- RSA Conference, Feb. 24-28, San Francisco
- Gartner Security & Risk Management Summit, June 1-4, National Harbor, Maryland
- Black Hat USA, Aug. 1-6, Las Vegas
- DEF CON 28, Aug. 6-9, Las Vegas
- Global CISO Executive Summit, Sept. 21-23, Marana, Arizona
- Forrester Security & Risk North America, Sept. 22-23, Washington D.C.
Hosts
 Jason Albuquerque – CIO & CSO |
 Matt Alderman – CEO |
 Paul Asadoorian – Founder & CTO |
Guests
Announcements
- We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand