The Ostrich Approach To Vulnerability Management
Length:
35 minutes
Released:
Oct 5, 2021
Format:
Podcast episode
Description
All links and images for this episode can be found on CISO Series.

OK, you showed us our vulnerability. But we really don't want to fix it now. Could we just pay you off to keep quiet, and to buy us some more time to deal with this in a "not so timely" manner?

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series, and Mike Johnson. Our guest is Sameer Sait (@sameersait), CISO, Amazon - Whole Foods.

Thanks to our podcast sponsor, Code42. As organizations gradually and cautiously move out of adapt-or-die mode into the post-pandemic era, we can expect a second phase of digital transformation: resilience building. This presents an opportunity for security teams. An opportunity to re-imagine data security. More from Code42.

In this episode:
What if software developers used academic citations for code acquired from outside sources?
What if a reported security vulnerability doesn't get fixed? Where do you go next?
What if a 3rd party app developer needs access to a file/print share over the internet?
What if you receive a pitch that makes a grandiose statement like "no false positives?" Follow-up or hard pass?