DREAMR: What is it, and why is it so important to Enterprise
Examples of aligning business and security requirements and
winning hearts & minds
How does a security organization get around "see I told you
An example of how to make the framework work for you
We discuss the importance of listening, then listening, then
listening some more
Jessica and Ben explain "accomodating" the business
Jessica and Ben give us "One critical piece of advice"
Jessica Hebenstreit ( @secitup ) - Jessica Hebenstreit
has been a member of the Information Security community for over a
decade. Having worked on both the technical and business sides of
various enterprises, Hebenstreit has a unique perspective that
allows for more understanding when balancing competing interests.
She is a successful and results-oriented Information Security
expert with hands-on information security experience in security
monitoring, incident response, risk assessment, analysis, and
architecture and solution design. She holds the following
certifications, CISSP, GIAC-GSEC, CRISC and SFCP. In March 2012,
she earned her Masters of Science in IT (MSIT) specializing in
Information Assurance and Security. She is currently the Manager of
Security Informatics - Threat Analysis and Response at Mayo Clinic.
She is building a smart response architecture for incident
response from the ground up.
Ben Meader ( @blmeader ) - Ben Meader is
a Senior Security professional with a unique blend of technical
acumen and business know-how. Meader’s security thought leadership
has been battle tested at multi-national firms over the past 13
years ranging from network security and operational security to
performing detailed risk assessments and implementing a firm-wide
privacy program. He remains up to date in both security and
business having received his M.B.A. from DePaul University and has
a current CISSP. He is also active in the entrepreneurial community
and is Co-Founder of a mobile application company on the
side. His education and range of experiences in working with
firms both large and small have given him a unique perspective on
the role of security within different business cultures and how
competing philosophies can collide.
Take a step outside the echo chamber - gain some perspective and context.
Welcome to Cybersecurity: An immature industry where we mandate impossible-to-remember complex passwords that change every 30 days - and call that security. It's an industry where everyone is an expert, but no one's actually solved anything... weird right?
This show is focused on the many aspects of cybersecurity - from professional to leadership, technical to abstract. We look to entertain you while filling your brain with expertise and knowledge from all corners of our industry and beyond. You can expect security experts, policy professionals, and people from outside our own "security bubble" because frankly, our echo chamber needs some perspective.
Join us, subscribe, and share in the conversation.
Follow us on Twitter: @DtSR_Podcast
Check out Rafal's @Medium blog at https://medium.com/@BlogWh1t3Rabbit