BSW #290 – Tim Brown
Full Audio
View Show IndexSegments
1. Secure by Design: Implementing Lessons Learned from the SUNBURST Attack – Tim Brown – BSW #290
SolarWinds has been on the journey of Secure by Design since the Sunburst incident in late 2020. Secure by Design is a practical approach to minimizing risk. It involves advanced build systems, an assumed breach model, proactive testing, audit, increased visibility and sharing lessons externally.
Segment Resources: https://www.solarwinds.com/secure-by-design-resources
Announcements
Thank you for listening to or watching our podcasts! We want to ensure that we are creating the most relevant and useful content for our audience across our network! It is crucial to us that we are delivering to you more of what you want to hear and learn about. Please take a few minutes to complete our listener survey so that we can craft our content based on your needs. Visit https://securityweekly.com/survey to submit your feedback.
Guest
Tim Brown joined SolarWinds in 2017 as vice president of security and is now the CISO for SolarWinds, overseeing internal IT security, product security, and security strategy. After the SUNBURST attack in December 2020, Tim Brown led the response and remediation efforts. Tim has spoken to thousands of customers and has been instrumental in all customer remediation support and services. He has worked closely with the SolarWinds® CEO in designing the future state of security and their “Secure by Design” philosophy. This new philosophy on software design will not only benefit SolarWinds but the industry as a whole, and it sets a precedent for responses to future cyberattacks. As a former Dell Fellow and CTO, Tim deeply understands the challenges and aspirations of the person responsible for driving digital innovation and change. Tim has over 25 years of experience, and his trusted advisor status has taken him from meeting with members of Congress and the Senate to the Situation Room in the White House. He’s also an avid inventor and holds 18 issued patents on security-related topics.
Hosts
2. CISOs, BISOs, and the Power of Positive Leadership – BSW #290
In the leadership and communications section, The CISO Role is Broken, Five Cybersecurity Resolutions CISOs Can Actually Keep In 2023, Are Cyber Attacks at Risk of Becoming ‘Uninsurable’?, and more!
Announcements
Dive deeper into the world of cybersecurity with Security Weekly on Instagram! Follow us @SecWeekly to find exclusive clips, hilarious memes, behind-the-scenes sneak peeks, and more! Stay connected, stay informed, and join our growing community!
Hosts
- 1. The CISO Role is Broken
CISOs should be oriented around the transformational — they should be champions of the proactive; they should be builders; They should be thinking creatively, rigorously, and technically about the kinds of innovations that could produce the greatest safety for the organization. They should be transforming GRC programs to subvert its traditional paper-policy approach to engaging their peers and take a more active, engineering approach (Policy-as-code is fertile ground here).
- 2. Must-know insights, the evolution of the CISO role – CyberTalk
As the global cyber threat landscape expands, destructive cyber attacks engender alarming levels of damage, and risk management reemerges as a business focal point, the nature of the CISO role has begun to shift.
The role of the Chief Information Security Officer (CISO) is currently in a state of flux, especially as risks change and as more stringent regulations and compliance mandates come into play. This once niche role is now critical for modern enterprises, and requires the recalibration of expectations around the job’s function.
- 3. Five Cybersecurity Resolutions CISOs Can Actually Keep In 2023
Start off 2023 with this list of five realistic resolutions aimed at helping you end the never-ending cycle of "maybe next year."
- Stay up to date on trends and technologies.
- Broaden the scope of your strategy.
- Strengthen your culture of security.
- Schedule recurring security assessments.
- Nurture your important internal partnerships.
- 4. The BISO: bringing security to business and business to security
Even the most tech-savvy leaders can use an effective liaison between corporate and cybersecurity—the business information security officer (BISO) bridges communications gaps and acts as a security evangelist and gatekeeper.
- 5. Are Cyber Attacks at Risk of Becoming ‘Uninsurable’?
Back near the end of December 2022, Mario Greco, chief executive at insurer Zurich, told the Financial Times that cyber attacks are set to become “uninsurable.”
As you might expect, these comments have set off global alarm bells.
- 6. Winning the talent war: Keys to success in building & scaling your security team – CyberTalk
The cyber security industry is facing a massive talent shortage. As the CISO or CTO of your enterprise, you’re well-aware of the challenge that is finding and retaining high-caliber cyber security talent. Security employees cite continuous burnout, competitive offers and lack of career progression opportunities as reasons for leaving workplace environments.
The cyber security pipeline remains narrow, and the path to a game-changing talent strategy is complex and ambiguous. How should your organization aim to attract talented, experienced cyber security professionals?
- 7. “The Power of Positive Leadership”
Positive leadership can have a powerful impact on team morale, productivity, and overall success. Here are a few key benefits of positive leadership:
- Improved team performance: Positive leaders create a supportive and collaborative work environment, which can lead to better teamwork and higher levels of productivity.
- Increased employee engagement: When employees feel valued and supported by their leader, they are more likely to be engaged and motivated in their work.
- Better decision-making: Positive leaders tend to approach challenges with a solution-focused mindset, which can lead to better decision-making and problem-solving.
- Higher retention rates: Employees are more likely to stay with a company when they feel valued and supported by their leaders.
- Improved company culture: Positive leadership can help create a positive company culture, which can have a ripple effect on all aspects of the business.