Artwork

Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
Player FM - Aplicație Podcast
Treceți offline cu aplicația Player FM !

Cybersecurity's Love Affair with Distractions - Fred Wilmot, Dani Woolf - ESW #370

2:18:08
 
Distribuie
 

Manage episode 432155426 series 2794639
Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.

Remember 20 years ago? When we were certain SIEMs would grant our cybersecurity teams superpowers? Or 10 years ago, when we were sure that NGAV would put an end to malware as we knew it? Or 15 years ago, when we were sure that application control would put an end to malware as we knew it? Or 18 years ago, when NAC would put an end to unauthorized network access?

Why do we keep thinking that the next vendor offering is going to solve all our problems? In this interview, we talk with Fred Wilmot about the hard work of building effective processes and resilient architectures that will actually yield reductions in risk and detection/response capabilities that actually work.

We'll discuss shifts in thinking that can move us past the latest distractions, and keep security teams focused on work that moves the needle. Fred may also mention his past transgressions against the industry and what he's doing to "wipe out the red from his ledger".

There's plenty of content out there detailing how vendors fall short:

  • scummy, aggressive sales tactics
  • overuse of jargon and buzzwords
  • sneaky sales tactics
  • dumping on competitors
  • products that fall far short of claims
  • ambulance chasing

So what should they doing? In this episode, we chat with Dani Wolff, about how marketers can adopt the skills and mindsets of security researchers to improve GTM strategies, without resorting to awful tactics. Drawing from extensive experience in qualitative interviews and collaborations with enterprise security executives and researchers, Dani will uncover how the innate curiosity and analytical prowess of researchers can dismantle unhealthy habits within vendor organizations.

We'll also discuss Dani's various projects, including the WTF Did I Just Read podcast, CyberNest, and CyberSynapse. Dani will explain how these are all designed to address the gap between vendors and buyers in the cybersecurity industry.

This week, in the enterprise security news,

  1. over half a billion in funding, as everyone gets their pre-Blackhat announcements out!
  2. Mimecast picks up Code42
  3. Will Cato Networks IPO?
  4. Canarytokens update
  5. We still have some crowdstrike fallout to discuss
  6. CISO responses to SEC rules
  7. Making things secure without security tools
  8. tips for going SOCLess
  9. denial of service robots

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-370

  continue reading

399 episoade

Artwork
iconDistribuie
 
Manage episode 432155426 series 2794639
Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.

Remember 20 years ago? When we were certain SIEMs would grant our cybersecurity teams superpowers? Or 10 years ago, when we were sure that NGAV would put an end to malware as we knew it? Or 15 years ago, when we were sure that application control would put an end to malware as we knew it? Or 18 years ago, when NAC would put an end to unauthorized network access?

Why do we keep thinking that the next vendor offering is going to solve all our problems? In this interview, we talk with Fred Wilmot about the hard work of building effective processes and resilient architectures that will actually yield reductions in risk and detection/response capabilities that actually work.

We'll discuss shifts in thinking that can move us past the latest distractions, and keep security teams focused on work that moves the needle. Fred may also mention his past transgressions against the industry and what he's doing to "wipe out the red from his ledger".

There's plenty of content out there detailing how vendors fall short:

  • scummy, aggressive sales tactics
  • overuse of jargon and buzzwords
  • sneaky sales tactics
  • dumping on competitors
  • products that fall far short of claims
  • ambulance chasing

So what should they doing? In this episode, we chat with Dani Wolff, about how marketers can adopt the skills and mindsets of security researchers to improve GTM strategies, without resorting to awful tactics. Drawing from extensive experience in qualitative interviews and collaborations with enterprise security executives and researchers, Dani will uncover how the innate curiosity and analytical prowess of researchers can dismantle unhealthy habits within vendor organizations.

We'll also discuss Dani's various projects, including the WTF Did I Just Read podcast, CyberNest, and CyberSynapse. Dani will explain how these are all designed to address the gap between vendors and buyers in the cybersecurity industry.

This week, in the enterprise security news,

  1. over half a billion in funding, as everyone gets their pre-Blackhat announcements out!
  2. Mimecast picks up Code42
  3. Will Cato Networks IPO?
  4. Canarytokens update
  5. We still have some crowdstrike fallout to discuss
  6. CISO responses to SEC rules
  7. Making things secure without security tools
  8. tips for going SOCLess
  9. denial of service robots

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-370

  continue reading

399 episoade

Toate episoadele

×
 
Loading …

Bun venit la Player FM!

Player FM scanează web-ul pentru podcast-uri de înaltă calitate pentru a vă putea bucura acum. Este cea mai bună aplicație pentru podcast și funcționează pe Android, iPhone și pe web. Înscrieți-vă pentru a sincroniza abonamentele pe toate dispozitivele.

 

Ghid rapid de referință