Training

Security Debt, Running with Scissors

40 minutes

Security Debt, Running with Scissors

Security debt, defined by Dave Lewis, Global Advisory CISO, Duo Security at Cisco, as “the accumulation of the patches missed, the risks accepted, and the configurations misapplied,” is a serious and common problem for many organizations, especially with the move to cloud computing and rise of IoT. Part of the problem is that, while organizations might accept the risks they encounter, they often neglect to review them or make a plan for the future, and that risk is compounded when patches are passed from person-to-person through staff changes and/or employee churn. However, it doesn’t have to be this way - to track and address security debt, organizations must develop and implement defined, repeatable processes. They should look to strategies like the zero-trust model, trust but verify, sanitation of inputs and outputs, and of course, make sure to execute patches instead of pushing it onto the next person.

See Also: Code to Cloud Roadshow - Minneapolis In-Person Event hosted by Palo Alto Networks

Webinar Registration

Premium Members Only

OnDemand access to this webinar is restricted to Premium Members.

Join Now to Access

Have an account? Sign in.

Events

You might also be interested in …

Cybersecurity Struggles: The Midmarket's Complex Battle

Cybersecurity Struggles: The Midmarket's Complex Battle

Unveiling Security Automation: Perception vs. Reality (eBook)

Unveiling Security Automation: Perception vs. Reality (eBook)

Securing Applications, Accelerating DevOps With Clean Code

►

Securing Applications, Accelerating DevOps With Clean Code

Unveiling Security Automation: Perception vs. Reality

►

Unveiling Security Automation: Perception vs. Reality

KillNet: The Next-Generation DDoS Group?

►

KillNet: The Next-Generation DDoS Group?

Expel: Firms Still Threatened by Old Vulnerabilities

►

Expel: Firms Still Threatened by Old Vulnerabilities

Combat IT Team Burnout by Embracing Automation

►

Combat IT Team Burnout by Embracing Automation

Detecting and Mitigating Fraud Through Trust Building

Detecting and Mitigating Fraud Through Trust Building

Defending Against Emerging Threats in Mobile Security

Defending Against Emerging Threats in Mobile Security

Around the Network

How 'Security by Default' Boosts Health Sector Cybersecurity

How 'Security by Default' Boosts Health Sector Cybersecurity

Protecting Medical Devices Against Future Cyberthreats

Protecting Medical Devices Against Future Cyberthreats

Why Health Firms Struggle with Cybersecurity Frameworks

Why Health Firms Struggle with Cybersecurity Frameworks

Is It Generative AI's Fault, or Do We Blame Human Beings?

Is It Generative AI's Fault, or Do We Blame Human Beings?

Transforming a Cyber Program in the Aftermath of an Attack

Transforming a Cyber Program in the Aftermath of an Attack

Identity Security and How to Reduce Risk During M&A

Identity Security and How to Reduce Risk During M&A

Medical Device Cyberthreat Modeling: Top Considerations

Medical Device Cyberthreat Modeling: Top Considerations

Evolving Threats Facing Robotic and Other Medical Gear

Evolving Threats Facing Robotic and Other Medical Gear

How the NIST CSF 2.0 Can Help Healthcare Sector Firms

How the NIST CSF 2.0 Can Help Healthcare Sector Firms

Safeguarding Critical OT and IoT Gear Used in Healthcare

Safeguarding Critical OT and IoT Gear Used in Healthcare

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.