The importance of perspective in Cybersecurity | Life of a CISO Podcast

Published: 01 January 1970
on channel: Dr Eric Cole

This episode is all about the importance of perspective. This partially refers to seeing opportunities where others see loss, but it also refers to how you view your equipment and how you focus your time, energy, and money in your work day.

🔑 [FREE MASTERCLASS]
Discover How You Can Advance Your Career Through Cybersecurity
https://safe.secure-anchor.com/nl-web...

I begin by giving my perspective of 2020. As a year, most people think it stunk, but I saw huge opportunities. For example, 2020 gave us an opportunity to build new, robust network architecture from the ground up. By sending our clients new laptops (thin clients), we were able to avoid the problem of entrusting older machines, some still using Windows 98, with sensitive data. As I said, perspective is everything. You need to realize that each laptop is the same as a new server, not just a new office or IP address. I finish the episode with a review of my famous one-page security assessment, which you should do before you spend any time or money solving any security problems.

0:10 Intro
0:40 It’s all about perspective
1:46 Nobody said 2020 was a good year
2:18 The stories we tell ourselves are based on emotions, not factual data
2:56 Cautiously pessimistic
3:18 Introducing “John,” my CIA friend
4:19 Why being positive is bad
5:00 The quality that makes a good executive makes a bad security engineer
6:36 Being pessimistic is good for security engineers, but an executive needs to be optimistic
8:21 A commute takes time and energy, now there’s no commute
9:25 The benefit of COVID is that it gives us a chance to build a robust architecture
9:43 Let’s face it, we don’t have a robust architecture
10:22 Your laptop is a personal server
12:14 Horizon 2020, Piece 1: All your data is moved to the cloud
14:17 A front-tier cloud for authentication
14:55 How to think about this
16:28 A CISO sometimes needs to keep security engineers at bay
17:32 You always evaluate a new program compared to the old one
18:35 There is no perfect solution
19:29 The problems that using laptops solves
21:05 But Eric…
23:20 Before you spend a dollar or a minute, ask what is the risk, is it the highest priority, and is your solution the most cost-effective way of reducing the risk?
25:42 The one-page security assessment
26:25 How do you make money, what differentiates you from the competition
27:01 What are the top threats
27:48 List 5-7 items that you focus on for that quarter
29:09 A good CISO sees opportunities
29:41 Wrap up

About Dr Eric Cole
Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience in consulting, training, and public speaking. As the founder and CEO of Secure Anchor Consulting, Dr. Cole focuses on helping customers prevent security breaches, detect network intrusions, and respond to advanced threats. In addition, he is a sought-after expert witness and a 2014 inductee to the InfoSecurity Hall of Fame.

Follow me:
  / drericcole  

https://www.secure-anchor.com/

#LifeOfaCISO #CISO