November 2018 saw the very beginning of our knowledge shares in our podcast library. We are proud to have featured industry leaders, pioneers, and thinkers. Individuals with diverse backgrounds and experiences but one goal: the betterment of the cybersecurity industry.
We opened with a conversation with Internet Hall of Famer, Paul Vixie. Here Paul shared the six questions you need to ask for success in any relationship, business or personal, and stressed the importance of transparency in the tussle between the client and vendor agenda. He highlighted the need for CISOs to feel empowered to say no and the importance of communication in their role, particularly with the Board. In looking at the industry as a whole, he pointed out that that no matter how hard CMOs try, security technology just isn’t sexy.
For Tammy Moskites, Senior Security Executive at Accenture, your network is key. She recommended deepening relationships, building a network, and leveraging every connection — including your VC. She argued that the most critical, but overlooked, security issue is the basic foundation of asset inventory, security, and protection. Over the conversation Tammy covered what CISOs really want from vendors and offered her opinion on whether successful CISOs are more likely to be business-oriented tech professionals or tech-oriented business professionals.
Shining a light on the misaligned priorities of security startups, Chad Holmes, Chief Services and Operations Officer at Optiv, worried that the cyber industry has become more focused on market price than solving problems. His belief is that today’s changing business models have placed enormous pressure on the industry, and he advised vendors to bring a single, relevant message to the table. He too recognized the duality of the CISO role and wondered if CISOs were being pushed to their limits. Interestingly, Chad cautioned that AI engines of the future could prove a far deadlier foe than the human insider threat today.
Tom McAndrew, CEO of Coalfire, underlined the importance of understanding your customer before trying to sell anything and defined three key areas in which to provide constant assurance: security, privacy, and compliance. He sees a trend for industry-specific security products and believes vendors can lead the field by sharing. Finally, he boldly asserted that its time cybersecurity be made a board position.
Having spent much of her career in academia, Laura Noren, Director of Research at Obsidian, offered a refreshing perspective on how to start the conversation on ethics in cybersecurity. She discussed how communities could figure out appropriate use of technology and touched upon the power of ethical objection, citing Google’s (in)famous Project Maven. Laura firmly believes ethics should be built into new products before the problems happen and wondered if VC funding should be tied to proven ethical approaches.