DREAMR: What is it, and why is it so important to Enterprise
Examples of aligning business and security requirements and
winning hearts & minds
How does a security organization get around "see I told you
An example of how to make the framework work for you
We discuss the importance of listening, then listening, then
listening some more
Jessica and Ben explain "accomodating" the business
Jessica and Ben give us "One critical piece of advice"
Jessica Hebenstreit ( @secitup ) - Jessica Hebenstreit
has been a member of the Information Security community for over a
decade. Having worked on both the technical and business sides of
various enterprises, Hebenstreit has a unique perspective that
allows for more understanding when balancing competing interests.
She is a successful and results-oriented Information Security
expert with hands-on information security experience in security
monitoring, incident response, risk assessment, analysis, and
architecture and solution design. She holds the following
certifications, CISSP, GIAC-GSEC, CRISC and SFCP. In March 2012,
she earned her Masters of Science in IT (MSIT) specializing in
Information Assurance and Security. She is currently the Manager of
Security Informatics - Threat Analysis and Response at Mayo Clinic.
She is building a smart response architecture for incident
response from the ground up.
Ben Meader ( @blmeader ) - Ben Meader is
a Senior Security professional with a unique blend of technical
acumen and business know-how. Meader’s security thought leadership
has been battle tested at multi-national firms over the past 13
years ranging from network security and operational security to
performing detailed risk assessments and implementing a firm-wide
privacy program. He remains up to date in both security and
business having received his M.B.A. from DePaul University and has
a current CISSP. He is also active in the entrepreneurial community
and is Co-Founder of a mobile application company on the
side. His education and range of experiences in working with
firms both large and small have given him a unique perspective on
the role of security within different business cultures and how
competing philosophies can collide.
Security. Some assembly required.
Security is HARD, and 'real security' is a compromise between usability and security while knowing you're still accepting risk.
This podcast alternates between interesting interviews and news analysis every other week - tune in, subscribe and join the conversation on REAL security issues relevant to your enterprise.
Follow us on Twitter: @DtSR_Podcast
Check out Rafal's SecurityWeek column: http://www.securityweek.com/authors/rafal-los