Episode 4 of the podcast focuses on the CISO’s perspective on the importance of understanding the corporate network environment and features Anthony Johnson, Managing Partner of Delve Risk.
Outline:
- (00:22) Introductions
- (01:07) Question 1 – As a CISO, if I don’t have clear or accurate insight into the state of my assets and infrastructure, what immediate risks am I incurring?
- (02:23) Question 2 – You’ve started a role as a CISO at a new company – how do you test the information your presented with around the the network, the current state of the security team and tech stack, and when do you trust it?
- (03:21) Question 3 – In your experience, what percentage of the network do you think the average CISO and team have a good handle on and are there trends in the gaps?
- (05:51) Question 4 – Are there any trivial gaps – How complete should a CISO’s knowledge and insight into their environment be; IE If they’re confident on 80% of the network, is that enough?
- (08:43) Question 5 – How has the emphasis on maintaining a meaningful understanding of your network impacted your strategy around the staffing/teams that you’ve built?
- (10:53) Recap & Takeaways