Preview Mode Links will not work in preview mode

Defense in Depth


Dec 5, 2019

All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-infosec-trends-for-2020/)

We're coming to the end of the year and that means it's time to make our predictions for 2020. Mark this episode and check back in one year to see how we did.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our sponsored guest is Rob Potter, chief revenue officer for Verodin.

Thanks to this week’s podcast sponsor, Verodin.

VerodinThe Verodin Security Instrumentation Platform proactively identifies gaps in security effectiveness attributable to equipment misconfiguration, changes in the IT environment, evolving attacker tactics, and more. Learn how Verodin, part of FireEye, has made it possible for organizations to validate the effectiveness of cyber security controls, thereby protecting their reputation and economic value.

On this episode of Defense in Depth, you’ll learn:

  • More large scale breaches is not a prediction. At this stage that's an inevitability.
  • ML/AI/Blockchain will continue to be oversold and under-delivered.
  • Most cloud breaches are configuration errors. They are not mastermind attacks. They can't be called a breach if they were never secured properly in the first place. Note that cyber insurance does not pay out unless proper protections were in place.
  • "Better" cloud and Internet of Things (IoT) security is not possible given how far it's been mismanaged up to this point. There are so many insecure nodes out there that it appears an impossibility to create any type of patch protection. There was strong debate as to whether this was a true statement or not.
  • Strongest prediction (and it's already in motion) is the convergence of privacy and security.
  • Privacy will be driven by regulations and as a result more people will be instituting chief privacy officers to avoid being in violation.