Artwork

Content provided by Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

Shifting Left: Vendor Responsibility for Cybersecurity ft. Kathleen Moriarty

44:45
 
Share
 

Manage episode 354705606 series 3418676
Content provided by Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

"Discover how to hold vendors accountable for their cybersecurity responsibility and protect your business from attack."

In this episode, Brian and John are back, this time with Kathleen Moriarty discussing how to hold vendors accountable for their cybersecurity responsibility and protect your business from attack.

Kathleen Moriarty is a cybersecurity expert with over 25 years of experience in the field. She has served as a CISO multiple times and is currently the Chief Technology Officer at the Center for Internet Security. Kathleen is an IETF Security Area Director and author of the book "Transforming Information Security."

Kathleen Moriarty learned about vendor responsibility for cybersecurity through her experience as an Internet Service Provider in 1995. She noticed that vendors are pushing for security as code, which involves managing security at scale and setting up policies for posture assessments, configuration requirements, and more. She works for the Center for Internet Security, which supports under-resourced state, local, tribal, and territorial organizations. They are developing a document that provides general guidance for IoT vendors to be held more accountable and ensure the devices they provide are secure. There is a need for a tool to make sure that updates are provided, and vendors should rely on something other than the end user to ensure their device is secure. She is also working on standards to help the vendor responsible for cybersecurity and ultimately help protect people from the sophisticated threat actors out there today.

"We have to take a step back, look at how we have done security for the past 30 years and say, can we change it now as we implement these new requirements? We have to push security back to vendors with architectural patterns that scale."

In this episode, Brian and John discuss with Kathleen:
1. How can vendors be held more accountable for delivering secure products?
2. What strategies can organizations use to build resiliency into their infrastructure?
3. What techniques can be employed to reduce the burden of manual system maintenance?


Let’s connect about IoT Security!

Follow John Vecchi at https://www.linkedin.com/in/johnvecchi

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

  continue reading

33 episodes

Artwork
iconShare
 
Manage episode 354705606 series 3418676
Content provided by Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Phosphorus Cybersecurity Inc and Phosphorus Cybersecurity or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

"Discover how to hold vendors accountable for their cybersecurity responsibility and protect your business from attack."

In this episode, Brian and John are back, this time with Kathleen Moriarty discussing how to hold vendors accountable for their cybersecurity responsibility and protect your business from attack.

Kathleen Moriarty is a cybersecurity expert with over 25 years of experience in the field. She has served as a CISO multiple times and is currently the Chief Technology Officer at the Center for Internet Security. Kathleen is an IETF Security Area Director and author of the book "Transforming Information Security."

Kathleen Moriarty learned about vendor responsibility for cybersecurity through her experience as an Internet Service Provider in 1995. She noticed that vendors are pushing for security as code, which involves managing security at scale and setting up policies for posture assessments, configuration requirements, and more. She works for the Center for Internet Security, which supports under-resourced state, local, tribal, and territorial organizations. They are developing a document that provides general guidance for IoT vendors to be held more accountable and ensure the devices they provide are secure. There is a need for a tool to make sure that updates are provided, and vendors should rely on something other than the end user to ensure their device is secure. She is also working on standards to help the vendor responsible for cybersecurity and ultimately help protect people from the sophisticated threat actors out there today.

"We have to take a step back, look at how we have done security for the past 30 years and say, can we change it now as we implement these new requirements? We have to push security back to vendors with architectural patterns that scale."

In this episode, Brian and John discuss with Kathleen:
1. How can vendors be held more accountable for delivering secure products?
2. What strategies can organizations use to build resiliency into their infrastructure?
3. What techniques can be employed to reduce the burden of manual system maintenance?


Let’s connect about IoT Security!

Follow John Vecchi at https://www.linkedin.com/in/johnvecchi

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

  continue reading

33 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide