This week, Jeff Pollard and Allie Mellen join us to discuss the fallout and lessons learned from the CrowdStrike fiasco. They explore the reasons behind running in the kernel, the challenges of software quality, and the distinction between a security incident and an IT incident. They also touch on the need to reduce the attack surface and the importance of clear definitions in the cybersecurity industry. The conversation explores the need for a product security revolution and the importance of transparency and trust in security vendors.
Allie Mellen is the author of Code War: How Nations Hack, Spy, and Shape the Digital Battlefield. She is a leading industry analyst who advises the Global 2000 on cybersecurity policy and practice, with a focus on detecting and responding to nation-state attacks. She is a featured speaker at many leading security conferences, including RSA Conference, Black Hat, SANS events, and others. Her insights are frequently featured in top business and technology outlets such as NPR, The Wall Street Journal, and The Washington Post.
Jeff primarily contributes to Forrester’s offerings for security and risk professionals. He leads Forrester’s research on the role of the CISO, specializing in topics related to security strategy, budgets, metrics, business cases, and presenting to the board. His research also includes security services, featuring global coverage of managed security services, professional security services, and security-as-a-service. Jeff also takes an active role in Forrester’s forward-looking research on security innovation, the security market, and security predictions.
