Artwork

محتوای ارائه شده توسط Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity. تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Player FM - برنامه پادکست
با برنامه Player FM !

Shifting Left: Vendor Responsibility for Cybersecurity ft. Kathleen Moriarty

44:45
 
اشتراک گذاری
 

Manage episode 354705606 series 3418676
محتوای ارائه شده توسط Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity. تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

"Discover how to hold vendors accountable for their cybersecurity responsibility and protect your business from attack."

In this episode, Brian and John are back, this time with Kathleen Moriarty discussing how to hold vendors accountable for their cybersecurity responsibility and protect your business from attack.

Kathleen Moriarty is a cybersecurity expert with over 25 years of experience in the field. She has served as a CISO multiple times and is currently the Chief Technology Officer at the Center for Internet Security. Kathleen is an IETF Security Area Director and author of the book "Transforming Information Security."

Kathleen Moriarty learned about vendor responsibility for cybersecurity through her experience as an Internet Service Provider in 1995. She noticed that vendors are pushing for security as code, which involves managing security at scale and setting up policies for posture assessments, configuration requirements, and more. She works for the Center for Internet Security, which supports under-resourced state, local, tribal, and territorial organizations. They are developing a document that provides general guidance for IoT vendors to be held more accountable and ensure the devices they provide are secure. There is a need for a tool to make sure that updates are provided, and vendors should rely on something other than the end user to ensure their device is secure. She is also working on standards to help the vendor responsible for cybersecurity and ultimately help protect people from the sophisticated threat actors out there today.

"We have to take a step back, look at how we have done security for the past 30 years and say, can we change it now as we implement these new requirements? We have to push security back to vendors with architectural patterns that scale."

In this episode, Brian and John discuss with Kathleen:
1. How can vendors be held more accountable for delivering secure products?
2. What strategies can organizations use to build resiliency into their infrastructure?
3. What techniques can be employed to reduce the burden of manual system maintenance?


Let’s get into Things on the IoT Security Podcast!

Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontos
And you can follow John Vecchi at https://www.linkedin.com/in/johnvecchi

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

  continue reading

30 قسمت

Artwork
iconاشتراک گذاری
 
Manage episode 354705606 series 3418676
محتوای ارائه شده توسط Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity. تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

"Discover how to hold vendors accountable for their cybersecurity responsibility and protect your business from attack."

In this episode, Brian and John are back, this time with Kathleen Moriarty discussing how to hold vendors accountable for their cybersecurity responsibility and protect your business from attack.

Kathleen Moriarty is a cybersecurity expert with over 25 years of experience in the field. She has served as a CISO multiple times and is currently the Chief Technology Officer at the Center for Internet Security. Kathleen is an IETF Security Area Director and author of the book "Transforming Information Security."

Kathleen Moriarty learned about vendor responsibility for cybersecurity through her experience as an Internet Service Provider in 1995. She noticed that vendors are pushing for security as code, which involves managing security at scale and setting up policies for posture assessments, configuration requirements, and more. She works for the Center for Internet Security, which supports under-resourced state, local, tribal, and territorial organizations. They are developing a document that provides general guidance for IoT vendors to be held more accountable and ensure the devices they provide are secure. There is a need for a tool to make sure that updates are provided, and vendors should rely on something other than the end user to ensure their device is secure. She is also working on standards to help the vendor responsible for cybersecurity and ultimately help protect people from the sophisticated threat actors out there today.

"We have to take a step back, look at how we have done security for the past 30 years and say, can we change it now as we implement these new requirements? We have to push security back to vendors with architectural patterns that scale."

In this episode, Brian and John discuss with Kathleen:
1. How can vendors be held more accountable for delivering secure products?
2. What strategies can organizations use to build resiliency into their infrastructure?
3. What techniques can be employed to reduce the burden of manual system maintenance?


Let’s get into Things on the IoT Security Podcast!

Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontos
And you can follow John Vecchi at https://www.linkedin.com/in/johnvecchi

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

  continue reading

30 قسمت

همه قسمت ها

×
 
Loading …

به Player FM خوش آمدید!

Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.

 

راهنمای مرجع سریع