Turning the Battleship – BSW #232
This week, we welcome Tom Roeh, Director of Systems Engineering at ExtraHop, to discuss Accelerating 0-Trust Adoption W/ End2End Visibility & Increased Collaboration! In this episode, we discuss important considerations for planning, implementing, operating, and securing a Zero Trust deployment more rapidly and with lower risk. This includes the vital role end-to-end visibility and frictionless collaboration between IT ops teams play across Zero Trust rollout phases.
In the Leadership and Communications section: Boards rethink incident response playbook as ransomware surges, How CISOs and CIOs should share cybersecurity ownership, How CISOs are Building a Modern Cybersecurity Partnership, & more!
Visit https://securityweekly.com/extrahop to learn more about them!
1. Accelerate 0-Trust Adoption W/ End2End Visibility & Increased Collaboration – Tom Roeh – BSW #232
It's no surprise that Zero Trust initiatives are increasing in importance in both the public and private sectors. New cybersecurity mandates and a boom in remote work due to COVID-19 are just two of the most common factors driving this demand. While the need for adopting Zero Trust is evident, the path to success is not.
Learn more about implementing Zero Trust:
This segment is sponsored by ExtraHop Networks.
Tom currently leads the Public Sector technical team at ExtraHop Networks as Director of Systems Engineering. He has spent most of his 20-year career looking at networks, protocols, and packets in one way or another. Tom has a passion for utilizing data-driven techniques to solve the complex problems faced by modern IT practitioners. When he’s not working with ExtraHop’s expansive customer base, he is deeply involved in developing and defining automated techniques for threat detection, and currently holds two patents related to passive network detection techniques. Tom was an early responder to WannaCry and wrote the award-winning Ransomware Module for ExtraHop. Tom resides in Houston, TX along with his wife and three daughters. He remains actively involved with his alma mater Texas A&M (Electrical Engineering), and can be found most weekends cheering his Aggies on to victory.
This week, in the Leadership and Communications section: Boards rethink incident response playbook as ransomware surges, How CISOs and CIOs should share cybersecurity ownership, How CISOs are Building a Modern Cybersecurity Partnership, & more!
- 1. Boards rethink incident response playbook as ransomware surges - Corporate boards are no longer rubber-stamping assurances from CIOs or CISOs but are bringing in outside experts, asking more questions and preparing for the risk of personal liability.
- 2. How CISOs and CIOs should share cybersecurity ownership - CISOs and CIOs weigh in on how their cybersecurity responsibilities are evolving with changes in the business environment and threat landscape.
- 3. 5 ways Digital Transformation Officers can make cybersecurity top priority - The Digital Transformation Officer (DTO) plays the key role in managing the strategic approach necessary to successfully undertake such transformations. Part of that success means managing cyber-risk. We recommend DTOs consider the following trends: 1. Securing digital assets 2. Cloud security 3. Developing skills to operate novel technologies securely 4. New approaches to cyber-incident management 5. Outsourcing cybersecurity tasks
- 4. How to Be a Leader Who Stays True to Their Ethics - Honest conversations are a crucial tool in helping leaders and their organizations successfully act on their ethical ambitions. If you aspire to lead ethically and with high purpose, first turn inwards. Take the time to have an honest conversation with yourself to help figure out what matters to you, and where your ethics lie. Next, align your senior team. Third, be prepared to be derailed. Unfortunately, at some point, pressure to meet shareholder expectations will derail your aspiration to lead with a higher purpose and values. And finally, don’t wait for the whistle to blow.
- 5. How CISOs are Building a Modern Cybersecurity Partnership - There has been an ongoing dialogue regarding the benefit of cybersecurity partnerships, with chief information security officers at the forefront of the conversations. Here are five things CISOs should focus on when it comes to securing the much-anticipated cybersecurity partnership. 1. Cybersecurity should be a boardroom agenda 2. Invest in establishing a solid cloud security architecture 3. Construct a borderless security system 4. Upgrade your enterprise security architecture 5. Invest in innovations
- 6. 8 pitfalls that undermine security program success - Here, security leaders warn of eight easy-to-overlook pitfalls that can undermine an otherwise successful security strategy: 1. Talking about security risk, rather than business risk 2. Overemphasizing compliance 3. Failing to move fast (enough) 4. Always focusing on the urgent 5. Focusing too much on tools and technologies instead of stakeholders and their needs 6. Keeping security within the security department 7. Overlooking your own security workers 8. Falling for the new stuff
- 7. 10 Action Steps to Become a Good Friend - Here’s how to become a better friend: 1. Redesign 2. Remember the Dates 3. Utilize The Mere-Exposure Effect 4. Make Mondays Fun 5. Ask Dopamine-Boosting Questions 6. Reach Out 7. Be Courageous 8. Say “Friend!” 9. Find Their Love Language 10. Celebrate With Them Read more at: https://www.scienceofpeople.com/good-friend/