Our Latest Product Release Includes Shiny New Security Vulnerabilities

Published: Sept. 10, 2018, 10:33 p.m.

We have an exciting announcement. Our latest version of the podcast is packed with new features and they're riddled with security holes. We know you wanted the features. The security vulnerabilities are just a bonus.

On this episode of the CISO/Security Vendor Relationship Podcast, we discuss:

  • Cybersecurity burnout: How bad is it? What can be done to mitigate it? And what are the warning signs? All tech professionals have burnout issues, but InfoSec has it toughest because it's very hard for them to get a sense of accomplishment for their work.
  • The CISO/Security Vendor Relationship Podcast is making an impact in the vendor community: We hear multiple stories from vendors about how the advice from Mike and the guests is really changing the way they reach out to security professionals.
  • Are you willing to release a product with known security vulnerabilities? What if the customer really demands the new feature next week and they're expecting it, but remediation may take much longer? Do you give the customer what they want, or are there other solutions?
  • What's Worse?! We play a round of picking the worse of two evils. This one is all about training your staff.
  • We unleash another pitch on the security professionals: Their response will surprise you as will the outcome of this pitch.
  • Dumb CISO mistakes: This one actually may not be so dumb. It could actually be good advice when it comes to product testing.
  • Ten-second security tip: This one offers up a more holistic view of security that you may not have considered, but definitely should.

Special thanks to Signal Sciences for sponsoring this episode. If you're using WAFs, make sure you read "Three Ways Legacy WAFs Fail," by their head of research, James Wickett.

As always, the show is hosted by me, David Spark (@dspark), founder, Spark Media Solutions and Mike Johnson, CISO, Lyft. Our guest is Anne Marie Zettlemoyer, a security strategist and independent researcher who is also on the board of directors for SSH.
