Today’s episode is part two of our conversation with former White House CIO, bestselling author and founder and CEO of Fortalice Solutions, Theresa Payton. If you missed part one, you can start here and go back to that episode. Or, you can start there and come back to this one – but you’re already here, so maybe just stick around?
Automated incident response can help security teams identify and respond to cyber threats faster. When a breach happens, delays equal costs. Today, a cyber attack happens every 39 seconds, and the global average total cost of a data breach is the highest it’s been in 17 years. In this environment, a low response time is crucial to reducing cyber risk.
Our previous research on CVE exploitability in the top DockerHub images discovered that 78% of the reported CVEs were actually not exploitable. This time, the JFrog Security Research team used JFrog Xray’s Contextual Analysis feature, automatically analyzing the applicability of reported CVEs, to scan OWASP WebGoat – a deliberately insecure application. The results identified that out of 60 CVEs reported with a Critical CVSS score, only 10 are actually applicable.
In all relationships, issues can arise. The key to solving those issues is to have a clear understanding of the issue itself. For instance, when a customer reports an issue it is critical to listen to the customer with patience and empathy so that they feel understood, and to assure them that they will receive assistance promptly. Furthermore, product issues can present themselves in various forms of complexities.
In this episode of the Future of Security Operations podcast, Thomas interviews Andreas Schneider - the Field CISO EMEA at Lacework. Leveraging its data-driven platform and cloud-native application protection solution, Lacework helps organizations make sense of immense amounts of security data with minimal effort.
