Episode #
31
Postman's Joshua Scott on How Security Protects APIs and Builds Customer Trust
Show Notes
In this week's episode of the Future of Cyber Risk podcast, David speaks to Joshua Scott, Head of Information Security & IT at Postman. They discuss the importance of security as more companies use APIs, and how better security improves reputation and trust with customers. They also talk about how practitioners can communicate more simply when dealing with other teams, why inventory is the biggest challenge to API security today, and the role of AI in the future of cyber risk.
Topics discussed:
Why security has become a priority as APIs become more of a critical component for businesses.
Why increasing their empathy and focusing on simplicity will help practitioners improve their approach to security.
The key skills a security practitioner should possess, including passion and the ability to automate.
How Postman raises security awareness internally to maintain their security posture organization-wide.
The biggest challenges to API security today, like knowing your inventory and managing credentials.
The role AI will play in the future of cyber risk management.
Advice on how to be a partner and enabler of business growth in your organization.
Quotes from Episode
#1.)
"At the end of the day, speak the business language. Let's find a way to kind of translate that risk into something simple. Teams don't want to see a list of vulnerabilities with here's all the technical details of it. They want to understand what the impact is from a business standpoint. Hey, this is what it means to you. Downtime, lost money, lost data. When you make it simple like that, it's much easier." (10:20-10:38)
#2.)
"Finding those folks who are really passionate about technology ... those are the soft skills I look for. Because if you put somebody on something that they're really passionate about and they're curious about, they're going to do amazing things." (12:41)