Defense in Depth

Jun 25, 2019

Do we understand the value of our data? Do our adversaries? And is the way we're protecting it making it too expensive for them to steal?

Check out this post and discussion for the basis of our conversation on this week’s episode, co-hosted by me, David Spark (@dspark), the creator of CISO Series, and Allan Alford (@AllanAlfordinTX). Our sponsored guest for this episode is Chip Witt (@rt_clik), head of product strategy for SpyCloud.

  • Understand what your crown jewels are and what is the most important data to protect. Many companies have a hard time answering that question, so they end up trying to protect everything, which can get very costly.
  • Be strategic about understanding what it costs to go after your data.
  • Look for ways to automatically protect your assets.
  • Most people do not spend a lot of time understanding the underground economy.
  • On average, your employees have 207 online accounts. Those seemingly innocuous sites (e.g., fantasy football) can often be used as opportunities to break into your network and, as we know, most people use the same password on multiple accounts.
  • Criminal enterprises operate like any other business. They're looking to generate ROI. Make it so there is no ROI or it's too difficult to achieve it.
  • Focus on credential theft. Check your set of users for exposed credentials because people use weak credentials to access valuable credentials.
  • As a business you also want to protect your employees' personal accounts from account takeover.