
Episode 4 - Understanding Your Environment
04/16/20 • 13 min
- (00:22) Introductions
- (01:07) Question 1 – As a CISO, if I don’t have clear or accurate insight into the state of my assets and infrastructure, what immediate risks am I incurring?
- (02:23) Question 2 – You’ve started a role as a CISO at a new company - how do you test the information you’re presented with around the network, the current state of the security team and tech stack, and when do you trust it?
- (03:21) Question 3 – In your experience, what percentage of the network do you think the average CISO and team have a good handle on and are there trends in the gaps?
- (05:51) Question 4 – Are there any trivial gaps - How complete should a CISO’s knowledge and insight into their environment be; i.e., if they’re confident on 80% of the network, is that enough?
- (08:43) Question 5 – How has the emphasis on maintaining a meaningful understanding of your network impacted your strategy around the staffing/teams that you’ve built?
- (10:53) Recap & Takeaways
Previous Episode

Episode 3 - Disinformation in the Time of Pandemics
Episode 3 of the podcast focuses on illuminating disinformation and misinformation activity surrounding the COVID-19 Pandemic and features Cindy Otis, Managing Director at Nisos, Inc. Outline:
- (00:00) Intro
- (01:43) Question 1 - The pandemic is obviously something that’s touching every person’s life at this point. Due to the overall disruption, do you think people are more susceptible to disinformation surrounding it?
- (03:48) Question 2 – What types of disinformation have you been seeing pushed out?
- (05:35) Question 3 - Who are the actors behind it? What are they trying to accomplish with it?
- (08:54) Question 4 – If I’m an employer, what can I do to help protect my employees from the influence of disinformation campaigns?
- (11:38) Question 5 – We’re still leading up to 2020 elections - Are you seeing coronavirus disinformation tied to anything election related?
- (14:58) Recap & Take-aways
Next Episode

Episode 5 - Understanding the Insider Threat
Episode 5 of the podcast focuses on understanding the nuances around insider threat scenarios and features Gabe Ramsey, Partner @ Crowell & Moring.
- Intro (00:18)
- Question 1 (00:56) – Thinking about the team that comes together in an insider threat investigation, what does that look like? Both internal and 3rd parties.
- Question 2 (01:50) - Are there any common trends that you see with companies that are successful in investigating and, from your angle, bringing litigation against an insider threat?
- Question 3 (02:39) - Insider threat, it's a very multi-dimensional problem, but all of the effort leads to some kind of legal action or outcome. From your perspective, what is the main network informational gap that you face in trying to prove the actions or intent of an insider?
- Question 4 (04:21) - I've spoken with CISOs specifically on data collection surrounding insider threat, and it seems that there is a general lack of comfort with the total degree of valuable information gathering that can be done within the scope of the law, largely because it seems invasive to the individual. That said, with an insider threat situation, you are often trying to prove something that falls more in the realm of human activity than pure network activity. What are some of the tools you recommend clients use to collect the necessary information to be able to make the right assertion about an individual suspected of being an insider threat, and how do you help them navigate this often-uncomfortable situation?
- Question 5 (07:28) - I've heard people talk about larger, more sophisticated companies allowing technical threats to dwell on specific systems so they can learn more about their motives through the actions they observe on the network, and with insider threat, I can imagine that there is a range of appropriate responses, from immediate separation to levels of overt or covert observation of the individual; from your perspective what does that look like, and what triggers lead to different actions, and what are the actions that companies end up taking?
- Recap & Key Takeaways (10:19)