Bill reviews ThreatQuotient’s “2022 State of Cybersecurity Automation” report, which finds that the majority of organizations experience pain problems implementing these initiatives.
Cybersecurity
Bill reconnects with Sonatype Co-founder Brian Fox to find out why it’s taken so long for organizations to respond to the Log4j vulnerability, which was first discovered a year ago.
Bill summarizes the main points from Endor’s 2022 State of Dependency Management study to better understand how cybersecurity professionals should respond to OSS vulnerabilities.
Analyst Robert Wood explains a strategy for resolving data breaches that entails getting inside your adversary’s head.
While the realization of a cybersecurity incident of course brings primary impacts, it doesn’t stop there. In this analysis, Chris explains how and why preparation helps.
In ep. 10, Kieron explains why cybersecurity professionals must prioritize training on cybersecurity issues and prevention.
After a breach, you’ll want to stop data loss as soon as possible, but it comes with risks and other drawbacks. Frank shares tips to arm you with the knowledge, options, and flexibility to advise your business on the right approach.
Burned out security and software teams are hard to retain and increase the odds of a breach. Bill speaks with Object First’s David Bennett, about how he tackles the issue as an object storage solution startup CEO.
After a breach, you’ll need help from an incident response team, either in-house or third party. Frank explains how and what to look for.
In Ep. 6 of the Acceleration Economy Minute, Kieron Allen explains why legal representation is needed for those who wish to succeed in the acceleration economy.
CISO Robert Wood details three techniques to analyze security breaches so that organizations can prevent them in the future.
In episode 32, Chris looks at a new Cybersecurity Infrastructure Security Agency post that focuses on three critical steps for advancing vulnerability management across the ecosystem in IT.
Security and data breaches aren’t all bad news; they’re also opportunities to build on lessons learned and correct deficiencies, as Chris explains.
Robert explains why communication is key to getting security, legal, sales, and engineering teams on board with a DevSecOps strategy shift.
In Ep. 3 of the Acceleration Economy Minute, Kieron references the work of fellow AE cybersecurity analysts who discuss how and why organizations must expand on their approach to defense.
Threat hunting is often thought of as something one does to uncover as yet undetected threats in an organization. But there’s also attack-specific threat hunting, which, analyst Chris Hughes explains, is essential when responding to security breaches.
From victim and media notification to legal liabilities and government considerations, the many issues that arise after a security breach are more easily addressed with the help of a lawyer. Frank explains why.
Analyst Bill Doerrfeld discusses the benefits and drawbacks of low-code/no-code with CEO Prashanth Chandrasekar, giving examples of how the approach both widens businesses’ horizons and limits them.
The first article in a series on the top 10 things to do if you’ve been breached discusses RACI (responsible, accountable, consulted, informed), a framework for defining roles and responsibilities in projects or processes.
In this Data Modernization Battleground moment, Chris says that cybersecurity professionals must understand data inventory, how businesses are using data, and who has access to data.