Jun 25, 2019
All images and links for this episode available at CISO Series
Do we understand the value of our data? Do our adversaries? And
is the way we're protecting it making it too expensive for them to
Check out this post and discussion for the basis of our
conversation on this week’s episode co-hosted by me, David
Spark (@dspark), the
creator of CISO
Series and Allan
Alford (@AllanAlfordinTX). Our
sponsored guest for this episode is Chip Witt (@rt_clik), head of product
strategy for SpyCloud.
Thanks to this week’s podcast sponsor,
Learn more about
how you can protect employees and customers from account takeover
On this episode of Defense in Depth, you'll
- Understand what your crown jewels are and what is the most
important data to protect. Many companies have a hard time
answering that question and they end up trying to protect
everything and that can get very costly.
- Be strategic about understanding what it costs to go after your
- Look for ways to auto protect your assets.
- Most people do not spend a lot of time understanding the
- On average, your employees have 207 online accounts. Those
seemingly innocuous sites (e.g., fantasy football) sites can often
be used as opportunities to break into your network and as we know,
most people use the same password on multiple accounts.
- Criminal enterprises operate like any other business. They're
looking to generate ROI. Make it so there is no ROI or it's too
difficult to achieve it.
- Focus on credential theft. Check your set of users for exposed
credentials because people use weak credentials to access valuable
- As a business you also want to protect your employees' personal
accounts from account takeover.