Code to Cloud Lacework

This episode of Code to Cloud features a discussion with the Global CISO at Church and Dwight Co., the parent company of brands like Arm & Hammer and OxiClean. And at Church & Dwight Co., David transformed the global enterprise-wide information security program key areas of strategy, risk management, and compliance, among others. Prior to joining the company in 2020, David spent over 22 years in security at Bed, Bath & Beyond. David and host Andy Schneider, Field CISO EMEA at Lacework, discuss the primary cyber threats facing the manufacturing sector, with a specific focus on ransomware, and the strategies utilized by Church & Dwight to mitigate these threats, including a robust third-party vendor assessment process. Ortiz highlights the importance of adaptability in cybersecurity, the role of leadership qualities such as empathy, accountability, and urgency, and underscores the significance of identity management, preparedness, and swift response in enhancing cyber resilience. The conversation also covers the benefits and considerations of moving services to the cloud, reflecting on the necessity of collaboration between cybersecurity teams, manufacturing units, and other stakeholders to safeguard against an ever-changing threat landscape.

This episode of Code to Cloud features a discussion with Immuta's CISO, Mike Scott, and Co-Founder and CTO, Steve Touw, hosted by Andy Schneider, Field CISO EMEA at Lacework. Mike is a highly experienced and accomplished leader in information and data security, real-time analysis of immediate threats, and IT and infrastructure designs. And Steve is known for his data science work with US Special Operations Command and the US Intelligence Community. The conversation centers around the importance of a 'shift left' culture in software development, emphasizing security from the start of the development process. Both guests share how this approach has enabled Immuta to move to a SaaS model, deliver features and security fixes more rapidly, and foster a strong security culture by bringing the CISO and CTO teams closer together. Practical insights include the adoption of communication tools like Slack, the significance of automation in maintaining a rapid release cadence, and the importance of understanding employee communication styles using the DISC assessment. The discussion also touches on overcoming conflicts and the critical role of setting realistic goals in achieving security and compliance milestones.

This episode features an interview with Jenny Brinkley. Jenny is Director of Amazon Security at AWS. Prior to joining Amazon, she co-founded an artificial intelligence start-up called Harvest.ai focused on protecting highly sensitive data using behavior analytics to prevent data loss. Harvest.ai was then acquired by AWS in April 2016. Jenny has also been awarded a few patents focused on data loss prevention and the right to be digitally forgotten. And on this episode, Jenny and host Tim Chase discuss the value of personal data, the importance of security at the executive level, and diversification of the workforce.

This episode features an interview with Sean Wright. Sean is Head of Application Security at Featurespace, the world leader in Enterprise Financial Crime prevention for fraud and Anti-Money Laundering. He is an experienced application security engineer, having started his career as a software developer. His expertise is in web based application security with a special interest in TLS related subjects. And on this episode, Sean and host Andy Schneider discuss navigating AppSec in the cloud age, finding and leveraging security champions, and Sean’s take on open source as it relates to supply chain risks with third party software libraries.

This episode features an interview with Jeff DeVerter, Chief Technology Evangelist managed cloud computing company Rackspace. He has over 25 years of experience in IT and technology, and has worked at Rackspace Technology since 2008. Over his career, Jeff has helped companies like American Express, Ralph Lauren, and Thomson Reuters create and execute against multi-year digital transformation strategies. And on this episode, Jeff and host Tim Chase discuss how to navigate an excessive amount of data due to the popular use of AI, why security by obscurity is ineffective, and aligning day-to-day security duties with business goals.

This episode features an interview with Dr. Kevin Tham. Kevin is a CISO leader in the Australian Digital Banking sector and a seasoned information security veteran in the financial services industry. Most recently, he served as CISO at etika, a purpose-driven lender. And on this episode, Kevin and host Tim Chase discuss cryptography including how it’s changed over the last 25 years, and how quantum computing and AI will affect it. They also discuss handling cybersecurity incidents from first steps to when to notify the board.