Artwork

A tartalmat a The EPAM Continuum Podcast Network and EPAM Continuum biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a The EPAM Continuum Podcast Network and EPAM Continuum vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
Player FM - Podcast alkalmazás
Lépjen offline állapotba az Player FM alkalmazással!

Silo Busting 69: Neatsun Ziv and Sam Rehman on the Balanced Approach to Risk Management

21:49
 
Megosztás
 

Manage episode 462330930 series 3215634
A tartalmat a The EPAM Continuum Podcast Network and EPAM Continuum biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a The EPAM Continuum Podcast Network and EPAM Continuum vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
What should we be focusing on? It’s an essential question for all of us… but for those in the cybersecurity game, it’s critical. Focusing on the wrong things here can be *costly.* Or so says Neatsun Ziv, Co-Founder and CEO of OX Security, in this *#CybersecurityByDesign* conversation with Sam Rehman, EPAM’s CISO and SVP. Ziv says that, when it comes to fixing code, “95% of the things” that organizations work on have “zero risk impact,” adding: “That is an insane amount of money that the organization should have spent creating a bigger gap between them and the competitors.” Managing risk is indeed a major challenge for contemporary organizations. “There's no such thing as one single application anymore,” says Rehman, who wonders: “How do you manage the inherent risk from all these components?” Ziv says the answer is about getting clients to focus on what’s critical to them. There’s a need to distinguish between vulnerability, theoretical risk and actual practical risk. What is a practical risk? It means getting clients to recognize, as an organization: “This is what I'm concerned about.” “I always tell people the risk is managed,” adds Rehman, who says that approach is underpinned by asking questions such as “What's your security posture?” and assessing a client’s risk tolerance. “You need to be smart about the investment,” says Ziv. He notes that this is where experienced leaders become practical. He gets them to answer questions like: What's exposed? What's internal? What do you want to replace first? How do we do it? Ultimately, he says, it’s getting clients to be mature enough to say that they’d focus on the “5% [of efforts] that would actually make a difference in the first year or the second year.” The trick is taking a balanced approach, and the guys bring the idea of balance into the realms of supply chain and open source. We leave you with a warning: Listening might have a serious impact on your own security posture. Click play now! Host: Kenji Ross Engineer: Kyp Pilalas Producer: Ken Gordon
  continue reading

172 epizódok

Artwork
iconMegosztás
 
Manage episode 462330930 series 3215634
A tartalmat a The EPAM Continuum Podcast Network and EPAM Continuum biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a The EPAM Continuum Podcast Network and EPAM Continuum vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
What should we be focusing on? It’s an essential question for all of us… but for those in the cybersecurity game, it’s critical. Focusing on the wrong things here can be *costly.* Or so says Neatsun Ziv, Co-Founder and CEO of OX Security, in this *#CybersecurityByDesign* conversation with Sam Rehman, EPAM’s CISO and SVP. Ziv says that, when it comes to fixing code, “95% of the things” that organizations work on have “zero risk impact,” adding: “That is an insane amount of money that the organization should have spent creating a bigger gap between them and the competitors.” Managing risk is indeed a major challenge for contemporary organizations. “There's no such thing as one single application anymore,” says Rehman, who wonders: “How do you manage the inherent risk from all these components?” Ziv says the answer is about getting clients to focus on what’s critical to them. There’s a need to distinguish between vulnerability, theoretical risk and actual practical risk. What is a practical risk? It means getting clients to recognize, as an organization: “This is what I'm concerned about.” “I always tell people the risk is managed,” adds Rehman, who says that approach is underpinned by asking questions such as “What's your security posture?” and assessing a client’s risk tolerance. “You need to be smart about the investment,” says Ziv. He notes that this is where experienced leaders become practical. He gets them to answer questions like: What's exposed? What's internal? What do you want to replace first? How do we do it? Ultimately, he says, it’s getting clients to be mature enough to say that they’d focus on the “5% [of efforts] that would actually make a difference in the first year or the second year.” The trick is taking a balanced approach, and the guys bring the idea of balance into the realms of supply chain and open source. We leave you with a warning: Listening might have a serious impact on your own security posture. Click play now! Host: Kenji Ross Engineer: Kyp Pilalas Producer: Ken Gordon
  continue reading

172 epizódok

Semua episod

×
 
Loading …

Üdvözlünk a Player FM-nél!

A Player FM lejátszó az internetet böngészi a kiváló minőségű podcastok után, hogy ön élvezhesse azokat. Ez a legjobb podcast-alkalmazás, Androidon, iPhone-on és a weben is működik. Jelentkezzen be az feliratkozások szinkronizálásához az eszközök között.

 

Gyors referencia kézikönyv

Hallgassa ezt a műsort, miközben felfedezi
Lejátszás