From Paul's Security Weekly
Recorded November 4, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
- Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to securityweekly.com/rsac2020 and use our code to register!
- Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting securityweekly.com, selecting the webcast drop down from the top menu bar and clicking registration.
Interview: Henry Harrison, Garrison
What is Hardsec?
A contrarian in the security industry, Henry Harrison of Garrison believes the only way forward is to implement security on the foundational level through Hardsec. An evangelizing approach that emerged out of research and development from the UK’s national security, hardsec relies on hardware security executed through the use of non-turing machines digital logic – chips that are too dumb to be hacked – to eliminate cyber threats. This moves away from the generic chip sets and advocates for a more unique and specialized chip set for devices where security is paramount. During this conversation, Henry can talk about this approach and what it would take for it to become widely adopted.
- Balancing the Company’s Needs and Employee Satisfaction - Doing what is right for their company and doing what will make their employees happiest are not always mutually exclusive. Making the following shifts in mindset can help:
- From individual happiness to collective purpose
- From engagement to ownership
- From promotability to visibility
- Why Successful People Wear The Same Thing Every Day - Researchers have actually studied the effect that making too many decisions can have on our lives and what they show is that our capacity to consistently make well thought out decisions is finite. Many successful individuals understand that less time spent on making decisions meant more brainpower and time for everything else. Therefore, reduce one decision by choosing a monotonous wardrobe...
- Technology That Will Actually Make You More Productive - Don’t be afraid of technology, embrace it. Just make sure you are picking the right tools to put on your phone or tablet...
- What industry gets wrong about cyber insurance - Misconceptions about the role insurance plays in a cyber event's aftermath are common. Let's try to provide some clarity:
- Cyber insurance is an investment
- How to choose a cyber insurance policy
- Insurance loopholes
- Security considerations
- Insurers' role in incident response
- Four principles for security metrics - When you start developing security metrics for a problem area, don't plunge into trying to analyze 'risk'. Here are four founding principles if you want to develop trusted operational security metrics that are relevant for your organization:
- Start with process
- Understand the reality of the process
- Create one metric per process
- Be clear on the type of process failure
- 3 lessons on the future of talent pipelines - Talent shortages haven't ceased being a discussion going into the next decade, yet swaths of the American population are either underrepresented in the workforce or struggle to develop the skills necessary to thrive in it. Here are the issues impacting employers' talent pipelines:
- The digital skills gap may be the biggest one
- Companies won't ignore the role of social issues in recruiting
- Employers can expect never-ending 'reskilling'