My guest today is David Linthicum. David Linthicum is the Chief Cloud Strategy Officer at Deloitte Consulting and has been named the #1 Cloud Influencer via a major report by Apollo Research. David is a Cloud Computing Thought Leader, executive, consultant, author, and speaker, who has been a CTO five times for both public and private companies, and a CEO twice in the last 25 years.
Few individuals are true giants of cloud computing, but David's achievements, reputation, and stellar leadership have earned him a lofty position within the industry. It's not just that he is a top thought leader in the cloud computing universe, but he is often the visionary that the wider media invites to offer its readers, listeners, and viewers a peek inside the technology that is reshaping businesses every day.
More specifically, David is a Gigaom research analyst on cloud computing and enterprise applications and writes prolifically for InfoWorld as a cloud computing blogger. He is also a contributor to, IEEE Cloud Computing, Tech Target's SearchCloud, and SearchAWS, and is quoted in major business publications including Forbes, Business Week, The Wall Street Journal, and the LA Times. David has appeared on NPR several times as a computing industry commentator, and he also does a weekly podcast on cloud computing.
With more than 13 books on computing, more than 5,000 published articles, greater than 500 conference presentations, and numerous appearances on radio and TV programs, David has spent the last 20 years leading, demonstrating, and teaching businesses how to use resources more productively while continuously innovating.
When I talked with David, he had recently written a great article that I loved, Cloud security secrets your cloud provider doesn't want you to know. Asking the obvious question was a perfect starting point for our conversation because I really wanted to know - What are the secrets some of the providers don't want you to know?
I'm excited for you to tune in to this compelling interview.
Here are some questions answered in this podcast.
Businesses have a tendency to learn from pain. Now is the time to think independently and question why things are currently done this way.
Cloud security will only improve in a culture that challenges the status quo.
We need to make architectural trade-offs as to what we can do pragmatically with the technology that's out there.
Security can hinder performance and cost way more money each month if not engineered into the applications and data stores correctly.
Why you should have a Cloud Complexity Management Methodology?
Cloud-native security solutions offered by the big providers are not helpful if you have a heterogeneous multi-cloud solution.
Training counts more than technology - every dollar you spend on cloud training, you remove a thousand dollars as the cost of risk from your system.
When you hire people, you need to hire people who are typically going to be continuous learners, autodidacts which is more than specific skill sets
How can you have one security system that's much better than three security systems even though that one security system doesn't cover every feature and function that you need?
Why create a security domain that deals with complexity and volatility that you can configure and change quickly.
How to Connect with this Guest:
Articles written by David Linthicum referenced in Podcast:
Cloud security secrets your cloud provider doesn't want you to know. Cloud security seems like something specific to a cloud provider, but emerging approaches and technologies are changing the game. 4/17/20
Are you Ready for the Brandpocalypse? by David Linthicum. Published on LinkedIn, 8/17/19
You can go to the show notes to get more information about this interview and what we discussed in this episode. You'll find the show notes at redzonetech.net/podcasts.
Leave A Review:
Love this episode? Share it with your LinkedIn community here.
If you haven't already, please make sure you leave us a review on iTunes or Stitcher. Not sure how to leave a review? Check out the instructions here.
About Bill Murphy:
Bill Murphy is a world-renowned IT Security Expert dedicated to your success as an IT business leader.
Follow Bill on LinkedIn and Twitter.
If you are interested in learning more about RedZone and our security expertise in particular related to Cloud and Email Security Kill Chain Strategy, Techniques, and Tactics you can email firstname.lastname@example.org.
Music provided by Ben's Sound: http://www.bensound.com/
Today my guest is Masha Sedova, the co-founder of Elevate Security delivering the first people-centric security platform that leverages behavioral-science to transform employees into security superhumans.
Elevate's unique Security Behavior Platform uses data to score employee risks, show actionable trends and practical feedback to motivate, reward and reinforce smart security behaviors of employees. This new approach to security awareness earned Elevate Security a spot in the 10 Finalists in the Innovation Sandbox Competition at the RSA 2020 Conference.
Masha is a member of the Board of Directors for the National Cyber Security Alliance and a regular presenter at conferences such as Blackhat, RSA, ISSA, Enigma, and SANS.
As we begin our conversation, Masha emphasizes the importance, no the urgency, of looking for the ‘silver lining’ of our disruptive event and how we can embrace the opportunities it presents to emerge with unique outcomes for positive change.
Since human error accounts for about 90% of all breaches, Masha explains how new thinking and understanding of security awareness and training can be one of your ‘crisis opportunities’ to improve.
It’s all about the data. One of RedZone's big ambitions is to essentially create a biological response on the networks, creating systems that are automated at scale. So, I ask Masha why she thinks we haven’t begun using data in the workplace the way we use it in other areas of our lives – like fitness. You may have a fully integrated Fitbit, so why haven’t we considered implementing similar data integration and thinking into our organization’s security awareness platform?
There are some really great concepts and tools that we discuss here. This conversation will give you a chance to understand how to get out of the tactical fear part of your brain and really look into the strategy of security.
This is an episode that you do not want to miss.
Here are some of things that you will learn in this podcast episode:
- Human error creates 90% of threat events
- Behavioral Science behind changing behaviors – You must have all three
- Motivating factors
- Heroes, Champions and Risk Takers | Segmenting an Organization into a concept called ‘cohorts’
- Including the user as part of the ‘team’ with ongoing communication
- The Learning Pyramid – Organizations should develop training with the best methods of retention.
- Empowering people has an exponential impact within the organization
How to Connect with Masha Sedova
Resources + Books Mentioned
The Power of Habit: Why We Do What We Do In Life and Business, by Charles Duhigg. Published by Random House Publishing Group, February 2012.
About Bill Murphy
Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT business leader.
If you are interested in learning more about my company, RedZone Technologies, and our security expertise, in particular related to Cloud and Email Security Kill Chain Strategy, Techniques and Tactics you can email email@example.com.
Leave A Review
Love this episode? Share it with your LinkedIn community here.
Credits + Other Stuff
Music provided by Ben’s Sound: http://www.bensound.com/
Other Ways to Listen to the Podcast: