Episode 32

Technically Validating the Efficacy of our Security Programs

Published on: 15th October, 2024

In this episode of the The Smart IT podcast, I welcomed Derek Krein, to the show. We discussed cybersecurity and the challenges organizations face in protecting themselves from threats. The conversation explored the importance of validating the effectiveness of cybersecurity investments. The focus shifted to evaluating security controls, with an emphasis on technical assessments using various tools to gain an attacker's perspective. We talked about how to help answer our organization's question of "are we we getting a good return on our security investments?"

The discussion touched on the significance of understanding threat actor tactics and behaviors, particularly interactive, hands-on attacks and the use of information stealers and administrative utilities for lateral movement and data exfiltration. The conversation concluded with a focus on proactively staying informed about threat trends and behavioral patterns to prioritize cybersecurity efforts and effectively defend against evolving cyber threats.

Link to this episode: https://youtu.be/NQBtBvKu9oQ

#cybersecurity #ciso #riskmanagement #threatintelligence #vulnerabilitymanagement #bas #smartit


Podcast Production: Brilliant Beam Media Syya Yasotornrat


Show Notes:

All Episodes Previous Episode

Listen for free

Show artwork for The Smart IT Podcast

About the Podcast

The Smart IT Podcast
Where IT explores what's next...
The Smart IT Podcast, where IT professionals can assemble and hear from each other, industry leaders, thought leaders, and those in adjacent fields to collaborate and learn from each other and explore what’s next for IT.

The Smart IT Podcast explores what’s next for IT as it continues to find ways to get the important things done for our organizations.
Preparing for the next decade, we need to think differently about how we approach our work to continue to thrive into the future.

Smart IT is an approach, conceptual framework, and development model to getting the important things done by transforming the way traditional IT thinks, works, and leads. It supports the disruption of the status quo, simplifies the complex, reduces uncertainty, and improves risk mitigation.

There has never been more pressure to deliver for our organizations; but I know IT is up to the challenge.

That will require IT to lead by working smarter. Let’s do it together.

About your host

Profile picture for William Reed

William Reed

I am an advisor of technology for business use, have seen the possibilities, the challenges, the constraints, and the risks. I have seen firsthand the technical debt, silos, broken communication, despair of IT, and business frustrations. And, I have seen the possibilities, the hopes, and the opportunities while working in the trenches of IT.

As someone that has analyzed, designed, built, and supported technology infrastructure for many businesses over the years, and followed the technology trends and cyber threats, I see the opportunities for our organizations and for the professionals of IT as a fulfilling and thriving career.

I believe we have been blessed with great opportunities to continue to improve ourselves and organizations. If it’s possible, there is no reason enterprise IT cannot reach new heights and help our businesses thrive in age of disruption, complexity, and risk.

I have a passion is bringing a fresh perspective to the challenges in front of IT and help inspire a team to tackle and win. And to help individuals and organizations make better decisions to improve outcomes and experiences.

I advise on matters of technology use for organizational benefits. He has over 20 years’ experience in the Information Technology field. He has worked for multiple technology value added resellers, representing the major vendors and technologies in the industry. He has consulted across the major industries, including banking, health care, retail, oil & gas, education, government, finance, and legal.