We're changing our name.
Verodin is now Mandiant Security Validation. Click here to learn more.

Model Application for the Evolving Threat Landscape

December 3, 2019

Summary

The threat landscape a mighty beast in and of itself -- vast and, perhaps more importantly, constantly changing. In this episode, Brian chats with industry thought leader John Pironti about using threat and security models to consistently monitor landscapes, test scenarios, and why you should prioritize risk management.

I don't believe you can do security until you understand risk. And when I go speak to an executive I never talk to them about security first. I talk to them about risk management first. As in let’s talk about what risk appetite we have, what's our profile, what's acceptable, what are you comfortable with, what's okay for you and then I'll build you instrumentation models and security controls and things like that, that will ensure that we're monitoring to that level of comfort, to that level of capability. We're supporting you in that way and we're demonstrating you with data in a way that you can correlate and say, yes I see how these controls are actually helping me. They don't need to understand how our firewall works, they don't understand how encryption works in detail, how then correlation works, how threat modeling works. They just need to understand principally at a high level.
Episode Tags

John Pironti

John Pironti is a risk and security advisor with ISACA and president of IP Architects. He has designed and implemented enterprisewide electronic business solutions, information security programs, and threat and vulnerability management solutions for global clients in a range of industries...

Return to Podcast

Get new cybersecurity effectiveness podcasts delivered straight to your inbox.

We will never sell or distribute your information.