BSWEpisode171

From Security Weekly Wiki
Jump to navigationJump to search

Business Security Weekly Episode 171 - 2020-04-27

Episode Audio

Business Security Weekly Episode 171

Announcements

  • Learn how penetration testing reduces risk in our next live webcast with Core Security (a Help Systems Company). Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts/trainings by visiting securityweekly.com/ondemand.
  • Join the Security Weekly Mailing List by visiting securityweekly.com/subscribe and clicking the button to join the list! We will be starting to roll out our public Discord channel in the next week or so and our mailing list subscribers will get the first invites!
  • Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
  • We are looking for high-quality guest suggestions for all of our podcasts to fill our Q3 recording schedule! Submit your suggestions for guests by visiting securityweekly.com/guests and submitting the form! We review suggestions monthly and will reach out to you once reviewed!

News - Avoid These Missteps and Strategize a Return to the Office

Description:

In the Leadership and Communications section, Executives and Boards, Avoid These Missteps in a Crisis, Strategizing a return to the office, How to Answer an Unanswerable Question, and more!



Jason Albuquerque's Content:

Jason Albuquerque-0.jpg


Template:BSW171NewsJason Albuquerque

Matt Alderman's Content:

MattAlderman-0.png


  • Executives and Boards, Avoid These Missteps in a Crisis - Organizations of all types are feeling the pressure to simultaneously wrestle with surviving the immediate crisis and planning for a radically changed future. How do they share the economic pain among stakeholders? How should they revamp their supply chains in order to make them more resilient? How do they avoid the mistakes they made in the last crisis — whether that was waiting too long to respond, overreacting by cutting so deeply it hampered their recovery, or simply cutting in the wrong places? Avoid these three main traps by asking the right questions:
  1. Narrow thinking - Has everyone received the full set of information and been given a chance to form his or her own opinion before hearing others?
  2. Deferring to the leader - Are all experts sharing their expertise?
  3. Conformity - Does the senior leadership team or board simply accept the first plausible solution, or does it continue to search for alternative, potentially superior solutions?
  1. Balancing global office dynamics - With offices in Bellevue, Washington, Boston, Edinburgh, Sydney and London and 1,600 employees, Smartsheet has seen a normalization of communication between offices. Now, when everyone joins online, it's not a Bellevue-dominated conversation. Communication is evenly weighted globally.
  2. A 3-part plan and culture preservation - To close offices and start the process to work from home, TIBCO transitioned in levels:
    1. Executives identified a core group of operations employees to work from home before the company pivoted fully remote.
    2. TIBCO began to close offices.
    3. As the bulk of employees moved to work from home, TIBCO had to identify what changes it needed to make on a system level for consistency. The goal was to ensure there were no gaps in productivity or holes in the security posture.
  3. Playing network 'whack-a-mole' - Ahead of the shutdown, Altair revamped "how to" guides and started adding additional VPN licenses incrementally because the company didn't want to run out of secure logins.
  4. A move each day of the week - Laserfiche decided it needed to prepare and conduct a work from home test:
    1. Tuesday, the company evaluated essentials and critical processes.
    2. Wednesday, Laserfiche executed companywide training and made sure everyone could log in.
    3. Thursday, it locked down the building and everyone worked from home.
    4. Friday, Laserfiche conducted a wide set of training and allowed everyone who wanted to take home laptops, monitors and anything else they needed.
  5. Change in customer conversations - At cybersecurity company Balbix, the move to a remote environment, from a collaboration and work perspective, had "no impact whatsoever". But the setup required adjustment.
  • CIO perspective: Strategizing a return to the office - The last two months tested organizations' ability to become "an internet era company," calling into question the necessity of standard technologies. As CIOs revisit their technology stack, they should be able to answer these questions:
    • Does an organization actually need its own network?
    • Should IT put security out on the edge so people can connect through native internet?
    • Should devices secure themselves so they "connect across a hostile territory?"
  • How to Answer an Unanswerable Question - Whether you are a leader, a teacher, or a parent, you may be called upon to answer especially difficult questions right now, questions that have no satisfying answers. But this doesn’t mean you can’t form a helpful and honest response. Here are some tips:
    • Acknowledge your own anxiety.
    • Listen for the need underneath the question.
    • Ask questions that help others find strength.
    • Don’t interpret questions as critique.
    • Practice your tone and physical delivery ahead of time.
    • If you blow it, recover quickly.
  • Jump-Start Your Motivation With These 4 Easy Steps
  1. Get the ball rolling
  2. Identify underlying energy drains
  3. Identify energy multipliers
  4. Keep track of your motivation progress

Paul Asadoorian's Content:

Paul Asadoorian-0.png


Template:BSW171NewsPaul Asadoorian


Interview: Relations Between Buyers and Sellers of Security Products - 6:00-6:45PM

Description:

The concept of the CISO/Security Vendor Relationship Series started more than two years ago when relations between security vendors and practitioners appeared very strained. Since we started producing our podcasts more than a year and a half ago, anecdotally, we're seeing a lot of improvement. But, there are still plenty of issues like what we saw more than two years ago.

Guest: Bio:
David Spark is Producer at CISO Series
David Spark is the producer of the CISO Series, a media channel of blogs, podcasts, and videos all on the cybersecurity ecosystem. Just over a year old, the CISO Series has hit a nerve in the InfoSec industry as it has acted as a much needed mouthpiece for the dysfunctional yet much needed relationship between buyers and sellers of security products. Spark is a veteran tech journalist and producer who has appeared in more than 40 media outlets. He is also the owner of Spark Media Solutions, a B2B content marketing agency for the tech industry.

Hosts

Jason Albuquerque - CIO & CSO at Carousel Industries
Matt Alderman - CEO at Security Weekly
Paul Asadoorian - Founder & CTO at Security Weekly

Fullaudio - None

Description:

This week, we welcome David Spark, Producer of the CISO Series, to discuss how relations are improving between buyers and sellers of security products! In the Leadership and Communications segment, Executives and Boards, Avoid These Missteps in a Crisis, Strategizing a return to the office, How to Answer an Unanswerable Question, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly



Jason Albuquerque's Content:

Jason Albuquerque-0.jpg


Template:BSW171FullaudioJason Albuquerque

Matt Alderman's Content:

MattAlderman-0.png


Template:BSW171FullaudioMatt Alderman

Paul Asadoorian's Content:

Paul Asadoorian-0.png


Template:BSW171FullaudioPaul Asadoorian