Log in

goodpods headphones icon

To access all our features

Open the Goodpods app
Close icon
Redefining CyberSecurity - Incorporating Security from the Start for a More Secure Future: Exploring the 'Secure by Design' Initiative and the Ongoing Secure by Design Alert Series | A Conversation with Jack Cable | Redefining CyberSecurity Podcast with Sean Martin
plus icon
bookmark

Incorporating Security from the Start for a More Secure Future: Exploring the 'Secure by Design' Initiative and the Ongoing Secure by Design Alert Series | A Conversation with Jack Cable | Redefining CyberSecurity Podcast with Sean Martin

02/14/24 • 36 min

Redefining CyberSecurity

Guest: Jack Cable, Senior Technical Advisor at CISA [@CISAgov]

On LinkedIn | https://linkedin.com/in/jackcable

On Twitter | https://twitter.com/jackhcable

CISA on LinkedIn | https://www.linkedin.com/company/cisagov/

____________________________

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

____________________________

This Episode’s Sponsors

Imperva | https://itspm.ag/imperva277117988

Devo | https://itspm.ag/itspdvweb

___________________________

Episode Notes

In this episode of the Redefining CyberSecurity Podcast, host Sean Martin invites Jack Cable, Senior Technical Advisor at CISA (U.S. Cybersecurity and Infrastructure Security Agency), to discuss the concept of 'Secure by Design' and the importance of incorporating security into the development process of technology products. The episode explores the motivations behind CISA's 'Secure by Design' initiative, which aims to shift the responsibility for cybersecurity from end users to technology manufacturers.

During the conversation, Jack highlights the need for long-term investments in cybersecurity and emphasizes the role of business leaders in driving necessary security improvements. The conversation explores the core principles of 'Secure by Design', including technology manufacturers taking ownership of security outcomes for their customers, promoting radical transparency and accountability, and ensuring top business leadership drives security improvements. The episode also touches on the collaboration between CISA and the open-source community to foster greater security improvements in the open-source space.

Jack also shares success stories of companies effectively implementing 'Secure by Design' principles and highlights the economic and business factors that will drive a more secure future. The episode concludes with a call-to-action for organizations to adopt the 'Secure by Design' approach and engage with CISA to support the shift towards more secure software.

Top Key Insights:

  • The 'Secure by Design' initiative is aiming to shift the burden of cybersecurity from end users to the technology manufacturers, essentially pushing for a more proactive approach to security.
  • Successful adoption of 'Secure by Design' requires buy-in from business leaders who possess the power to allocate budgets and direct the shift towards a secure future, demonstrating that cybersecurity is as much a business issue as a technical one.
  • Collaboration with the open-source community is crucial for improving security in the technology ecosystem. This includes expectaing companies who use open-source software to be responsible consumers and sustainable contributors to the open-source software ecosystem.

___________________________

Watch this and other videos on ITSPmagazine's YouTube Channel

Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel:

📺 https://www.youtube.com/@itspmagazine

Be sure to share and subscribe!

___________________________

Resources

Inspiring LinkedIn Post: https://www.linkedin.com/posts/jackcable_when-a-new-vulnerability-comes-out-its-activity-7135658158726791168-nz9h

Secure by Design Overview: https://www.cisa.gov/securebydesign

Alert Series Announcement:

plus icon
bookmark

Guest: Jack Cable, Senior Technical Advisor at CISA [@CISAgov]

On LinkedIn | https://linkedin.com/in/jackcable

On Twitter | https://twitter.com/jackhcable

CISA on LinkedIn | https://www.linkedin.com/company/cisagov/

____________________________

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

____________________________

This Episode’s Sponsors

Imperva | https://itspm.ag/imperva277117988

Devo | https://itspm.ag/itspdvweb

___________________________

Episode Notes

In this episode of the Redefining CyberSecurity Podcast, host Sean Martin invites Jack Cable, Senior Technical Advisor at CISA (U.S. Cybersecurity and Infrastructure Security Agency), to discuss the concept of 'Secure by Design' and the importance of incorporating security into the development process of technology products. The episode explores the motivations behind CISA's 'Secure by Design' initiative, which aims to shift the responsibility for cybersecurity from end users to technology manufacturers.

During the conversation, Jack highlights the need for long-term investments in cybersecurity and emphasizes the role of business leaders in driving necessary security improvements. The conversation explores the core principles of 'Secure by Design', including technology manufacturers taking ownership of security outcomes for their customers, promoting radical transparency and accountability, and ensuring top business leadership drives security improvements. The episode also touches on the collaboration between CISA and the open-source community to foster greater security improvements in the open-source space.

Jack also shares success stories of companies effectively implementing 'Secure by Design' principles and highlights the economic and business factors that will drive a more secure future. The episode concludes with a call-to-action for organizations to adopt the 'Secure by Design' approach and engage with CISA to support the shift towards more secure software.

Top Key Insights:

  • The 'Secure by Design' initiative is aiming to shift the burden of cybersecurity from end users to the technology manufacturers, essentially pushing for a more proactive approach to security.
  • Successful adoption of 'Secure by Design' requires buy-in from business leaders who possess the power to allocate budgets and direct the shift towards a secure future, demonstrating that cybersecurity is as much a business issue as a technical one.
  • Collaboration with the open-source community is crucial for improving security in the technology ecosystem. This includes expectaing companies who use open-source software to be responsible consumers and sustainable contributors to the open-source software ecosystem.

___________________________

Watch this and other videos on ITSPmagazine's YouTube Channel

Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel:

📺 https://www.youtube.com/@itspmagazine

Be sure to share and subscribe!

___________________________

Resources

Inspiring LinkedIn Post: https://www.linkedin.com/posts/jackcable_when-a-new-vulnerability-comes-out-its-activity-7135658158726791168-nz9h

Secure by Design Overview: https://www.cisa.gov/securebydesign

Alert Series Announcement:

Previous Episode

undefined - The Great AI Debate: Does It Belong in SIEM? | Dissecting the Impact of AI on Modern SIEM Solutions | A Conversation with Mick Douglas and Dinis Cruz | Redefining CyberSecurity Podcast with Sean Martin

The Great AI Debate: Does It Belong in SIEM? | Dissecting the Impact of AI on Modern SIEM Solutions | A Conversation with Mick Douglas and Dinis Cruz | Redefining CyberSecurity Podcast with Sean Martin

Guests:

Mick Douglas, Founder and Managing Partner at InfoSec Innovations [@ISInnovations]

On LinkedIn | https://linkedin.com/in/mick-douglas

On Twitter | https://twitter.com/bettersafetynet

Dinis Cruz, Chief Scientist at Glasswall [@GlasswallCDR] and CISO at Holland & Barrett [@Holland_Barrett]

On LinkedIn | https://www.linkedin.com/in/diniscruz/

On Twitter | https://twitter.com/DinisCruz

____________________________

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

____________________________

This Episode’s Sponsors

Imperva | https://itspm.ag/imperva277117988

Devo | https://itspm.ag/itspdvweb

___________________________

Episode Notes

In this episode of the Redefining Cybersecurity podcast, Sean Martin is joined by Mick Douglas and Dinis Cruz to delve into a debatable topic: The role and effectiveness of Language Model (LLM) AI in Security Incident and Event Management (SIEM) systems.

Mick, with a rich history in cybersecurity, contends that while AI has its place, he doesn't believe it belongs in the SIEM itself. In contrast, Dinis cites the potential of AI to make SIEMs more productive by cleaning up data, reducing noise, and improving signal value. They discuss the issues of handling vast data sets, the potential for AI to help identify and manage anomalies, and how to create learning environments within SIEM. However, concerns were also raised regarding false positives, trust issues with AI and the significant computational costs to implement and maintain these AI systems.

Key Questions Explored:

  • Does AI belong in SIEM systems?
  • What potential does AI bring to SIEM?
  • What are the potential issues with implementing and maintaining AI in SIEM?

___________________________

Watch this and other videos on ITSPmagazine's YouTube Channel

Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel:

📺 https://www.youtube.com/@itspmagazine

Be sure to share and subscribe!

___________________________

Resources

Inspiring LinkedIn Post: https://www.linkedin.com/posts/mick-douglas_first-let-me-be-really-clear-for-the-near-activity-7146143942739124224-a4vl/

Inspiring Twitter Post: https://twitter.com/bettersafetynet/status/1740370001973154010

___________________________

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:

https://www.itspmagazine.com/redefining-cybersecurity-podcast

Are you interested in sponsoring an ITSPmagazine Channel?

👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network

Next Episode

undefined - Illuminating Cybersecurity: A Wave Of Revelations From The Blue LED Revolution | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3

Illuminating Cybersecurity: A Wave Of Revelations From The Blue LED Revolution | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3

In this edition of The Future of Cybersecurity Newsletter, we embark on a journey that connects the groundbreaking innovation of the blue LED with the ever-evolving challenges of cybersecurity. Shuji Nakamura's pioneering work in developing the blue LED not only revolutionized lighting technology but also provides invaluable lessons for tackling the complexities of modern cybersecurity. We explore how the persistence, interdisciplinary approaches, and innovative thinking that led to the blue LED's success can be mirrored in addressing cybersecurity threats.

________

This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.

Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.

Sincerely, Sean Martin and TAPE3

________

Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.

TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.

Episode Comments

Generate a badge

Get a badge for your website that links back to this episode

Select type & size
Open dropdown icon
share badge image

<a href="https://goodpods.com/podcasts/redefining-cybersecurity-219447/incorporating-security-from-the-start-for-a-more-secure-future-explori-44906713"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to incorporating security from the start for a more secure future: exploring the 'secure by design' initiative and the ongoing secure by design alert series | a conversation with jack cable | redefining cybersecurity podcast with sean martin on goodpods" style="width: 225px" /> </a>

Copy