
Episode #29

Verizon's Bob Carver on Building a Culture of Security



Show Notes

In this week's episode of the Future of Cyber Risk podcast, David speaks to Bob Carver, Principal Cybersecurity Threat Intelligence and Analytics at Verizon. They discuss the importance of looking for subtle issues no one else may see, why security practitioners should gain more awareness in network and sysadmin activities, and how to build a culture of security. They also talk about how to train staff about phishing and social engineering, what the future of cyber will look like, and advice for improving risk management programs.


Topics discussed:

  • What a day-in-the-life looks like, starting with scanning packet captures for anomalous activity and looking for risk no one else sees.

  • Why more security practitioners should increase their knowledge of network and sysadmin activity for a more well-rounded approach to security.

  • What types of training leaders can take to increase their staff's security awareness, including phishing and responsible downloading.

  • What the future of cybersecurity will look like, including more AI and ML influence in risk assessments, more automation, and fewer silos.

  • How to write more secure code, and how LLMs will help.

  • Advice for security leaders for a better risk management program, including proper visibility and context, and building a culture of security.

Quotes from Episode

#1.) 

"What I'm looking at is the stuff that nobody else really sees, the stuff that's not already made it to the highest priority critical alert. The SOC analysts handle those types of things. I'm looking for really subtle things that I can later, if I find more badness behind it, I may end up making my own intrusion detection signatures or work with other people to have the rules or intrusion detection signatures that later can be used for other analysts to look at." (5:50-6:31)


#2.) 

"Start developing a security culture in your organization where the buy-in is from not only the IT organization, but all the business units and to be able to make it a positive thing going forward where everybody works together for a greater goal." (41:08; video 4)
