Evolving CISO Roles and Key Challenges in Modern Cybersecurity Matthew Rosenquist, Jim Routh & Michael W. Reese

The conversation revolves around the challenges and necessary changes in cybersecurity practices, particularly in light of recent incidents like the SolarWinds breach. The speakers discuss how CISOs (Chief Information Security Officers) need to adapt to evolving threats and the importance of transparency and proactive measures in cybersecurity management.

Here is the verbatim discussion:

It happens, but if you've got that documentation to show, hey, yes, you were acting in good faith, it's kind of tough for somebody to get convicted for fraud when they can show that. So, Jim, how do we change? What should we be thinking about? What's your advice to CISOs as we look forward, even not knowing the resolution of this case?

Yeah, I think there are actually three levels of fundamental change that we are seeing and will continue to see going forward from a CISO perspective. The first is that identity access management capability embedded in a DevOps process, in a software pipeline, is really weak from a practice perspective in the industry today, and there's a whole bunch of drivers and reasons for that, but essentially cloud-first software development is fundamentally different than on-prem software development, and as cybersecurity practitioners we have to understand the differences.

CISOs today adapt, and again, the case isn't decided. There is no conviction; innocent till proven guilty. But from the perspective of what we're seeing in the news and what we're all discussing as a community, how should CISOs start to adapt? Your thoughts?

Yeah, it's a game changer, it really is. And we can say, oh no, we kind of saw some of this happening, and the CISOs, you know, they want a seat at the table; we're going to give them that. It changes the direction of what a CISO is going to be responsible for, and I... there has to be an intentional deceit on behalf of you in your capacity.

So okay, so then second question, same scenario: if you were a shareholder of SolarWinds at the time, would you want to know, as part of that disclosure, because you have a right to be informed, would you want to know that the management of your investment has known about active attacks for six months in their primary product? Jim?

Yeah, what I would want as a shareholder is for the company, in this case a software company, to recognize that software supply chain poisoning, which is the net effect and impact on enterprises, is probably the number one risk to the enterprise from a cybersecurity standpoint, and therefore the right attention, right level of resource allocation and right level of practice needs to be put in place as part of a response.

Highlights:

Documentation and Good Faith:

  • It's challenging to convict someone of fraud if they can demonstrate they acted in good faith. Proper documentation can be a crucial defense.

Impact of SolarWinds Breach:

  • The SolarWinds incident is a significant game-changer, highlighting the need for CISOs to have a prominent role in organizational strategy and decision-making.
  • There needs to be intentional effort and transparency regarding cybersecurity threats and responses.

Shareholder Expectations:

  • Shareholders would want to be informed about significant cybersecurity incidents, such as active attacks on key products.
  • They expect the company to recognize and address software supply chain risks, which are now considered one of the top threats to enterprises.

The conversation underscores the necessity for CISOs to adapt to the changing cybersecurity landscape, emphasizing the need for robust identity access management, transparency with shareholders, and proactive resource allocation to mitigate risks. The SolarWinds breach serves as a catalyst for these changes, pushing for an elevated and strategic role for CISOs in safeguarding enterprise security.

Speakers:

Jim Routh is a board member, advisor and investor with specific expertise as a transformational security leader, focused on applying risk management discipline to a converged security function for global enterprises to achieve enterprise resilience. He has a demonstrated track record of designing security controls using innovation and data science, and of aligning senior executives to deliver world-class security capabilities that drive positive business results in a digital world.

https://www.linkedin.com/in/jmrouth/

Michael W. Reese has over 30 years' experience in Information Technology, serving in senior executive positions encompassing security, general operations management, project management, process change and development, business development, and service and product management functions. He is a Cybersecurity Specialist, licensed as a Computer Forensics Investigator, Certified Information Systems Security Professional, Hacking Forensic Investigator and Fire and Explosion Investigator. He has assisted both the DOJ and FBI on several matters, worked with High Tech Crime Units in Portland and Sacramento, and given expert witness testimony in hearings, depositions and at trial.

https://www.linkedin.com/in/michael-w-reese/

Matthew Rosenquist is a seasoned cybersecurity strategist and Chief Information Security Officer (CISO) with over three decades of experience. With a remarkable career at Intel Corporation spanning 24 years, he spearheaded key security initiatives, including establishing Intel's first Security Operations Center and leading cyber crisis response teams. As an influential figure in the industry, he currently serves as the CISO for Eclipz and advises numerous organizations worldwide on cybersecurity, emerging threats, privacy, and regulatory compliance. With a unique ability to bridge technical expertise with business acumen, Matthew is renowned for developing effective security strategies and enabling organizations to navigate complex cyber risks while optimizing security, privacy, and governance.

https://www.linkedin.com/in/matthewrosenquist
https://twitter.com/Matt_Rosenquist