"Discover how to hold vendors accountable for their cybersecurity responsibility and protect your business from attack."In this episode, Brian and John are back, this time with Kathleen Moriarty discussing how to hold vendors accountable for their cybersecurity responsibility and protect your business from attack.Kathleen Moriarty is a cybersecurity expert with over 25 years of experience in the field. She has served as a CISO multiple times and is currently the Chief Technology Officer at the Center for Internet Security. Kathleen is an IETF Security Area Director and author of the book "Transforming Information Security."Kathleen Moriarty learned about vendor responsibility for cybersecurity through her experience as an Internet Service Provider in 1995. She noticed that vendors are pushing for security as code, which involves managing security at scale and setting up policies for posture assessments, configuration requirements, and more. She works for the Center for Internet Security, which supports under-resourced state, local, tribal, and territorial organizations. They are developing a document that provides general guidance for IoT vendors to be held more accountable and ensure the devices they provide are secure. There is a need for a tool to make sure that updates are provided, and vendors should rely on something other than the end user to ensure their device is secure. She is also working on standards to help the vendor responsible for cybersecurity and ultimately help protect people from the sophisticated threat actors out there today."We have to take a step back, look at how we have done security for the past 30 years and say, can we change it now as we implement these new requirements? We have to push security back to vendors with architectural patterns that scale."In this episode, Brian and John discuss with Kathleen:1. How can vendors be held more accountable for delivering secure products?2. What strategies can organizations use to build resiliency into their infrastructure?3. What techniques can be employed to reduce the burden of manual system maintenance?
Let’s get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast