Select Page

Want to Beat COVID-19? Consult a CISO

CISO Interviews, Featured, Sergej Epp

To paraphrase the military mastermind Sun Tzu, you must know your enemy before you can defeat him. Infectious disease experts around the world look to do the same with the coronavirus. To contain a viral outbreak, scientists must identify the virus’ origin and track its spread. Once located, scientists study the virus’ behavior and develop a containment plan. CISOs work the same way. At the first sign of malware or another virus, CISOs analyze metadata and user behavior to locate the malicious file or code. Security teams learn how the virus got in and how it spread. All impacted systems, applications, and endpoints must be quarantined. To beat an enemy, you must know how the enemy operates, regardless of whether the fight takes place in the natural world, a corporate network, or on the battlefield.

CISO Street recently sat down at RSA with Sergej Epp, Central Europe CISO for Palo Alto Networks, to explore the many challenges and opportunities CISOs face. In this video, Sergej shares how CISO’s must be experts in identifying and understanding a virus before eradicating it.

RELATED POSTS

Selling to a CISO? Practice Empathy, Not Salesmanship

Selling to a CISO? Practice Empathy, Not Salesmanship

The cyber security marketplace is hot. Ask any candidate for a cybersecurity role. Better yet, ask any supplier to CISOs. The supplier audience is especially vast, and it’s continuing to grow. Just three years ago, there were estimated to be less than 2,000...

The Risk of Measuring Risk

The Risk of Measuring Risk

Automated measuring of control effectiveness is a very good idea conceptually. When you can combine control gaps with relevant threat information, you get a very good picture about the actual technical cyber risks your business faces. If done correctly, it provides...

Stagehand: Episode 4

Stagehand: Episode 4

Keith and I left the scene like we found it: the two kidnappers dead on the floor, their shotgun up against the wall, and the rope used to tie up Carl Timmons sprawled out on the floor. We tipped off local law enforcement and were gone before they arrived, leaving no...

SecOps Needs More Democratization, Not Less SOC

SecOps Needs More Democratization, Not Less SOC

An increasing complexity of technologies, as well as an increasing number of failures and attacks followed by an increasing dependency on business goals is changing the way we run Security Operations Centers. I previously discussed the concept of a Fusion Center as an...

Measuring a Cyber Awareness Culture

Measuring a Cyber Awareness Culture

Until recently, cyber awareness metrics have been treated by many as a tick-box exercise driven by regulations. The regulator requires x number of hours of cyber awareness training per employee per year, and once that is done, the organisation ticks a box and waits...

Mitre Disrupting Advanced Persistent Threats
Share This