Building the Enterprise Security Team by Dr. Ed Amoroso
I hope you’ll take some time and listen to my recent podcast discussion with Brian Contos, CISO of Verodin. We cover lots of ground during the interview, but I am particularly hopeful you’ll listen to my advice on building a world-class enterprise security team. I truly believe that successful security programs must focus on the basics. And I try hard during the discussion to provide concrete examples of exactly what these basic considerations would be, such as:
-Making sure teams understand their roles and responsibilities (and so many enterprise security teams simply don’t take the time for this important step)
-Focusing on foundational issues and culture (and this is truly required to construct an effective enterprise security team)
-Keeping processes simple and maintain open systems (which is hard to do for most technical CISOs who never saw a system that was not complex enough for their taste)
-Building sensible defense in depth architectures (which has implications for how your staff is organized around a good enterprise security program)
You can listen to the podcast here or directly through iTunes, Spotify, or Stitcher. You can also read the podcast transcription here. I hope you enjoy and benefit from the discussion!
- Malicious File Transfer: What You Need To Know About an Attacker’s Methods and Techniques To Protect Your Organization From Malware by Ursula Cowan
- Verodin LATAM Party (Porto Alegre Brazil) by Brian Contos
- Policy Evasion: Evasive Techniques You Need to Understand to Prevent Breaches and Attacks by Major General Earl Matthews USAF (Ret)
*** This is a Security Bloggers Network syndicated blog from Verodin Blog authored by Verodin Blog. Read the original post at: https://www.verodin.com/post/building-the-enterprise-security-team
