10 episodes

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. In each episode, NopSec’s CEO Lisa Xu will interview industry experts and leading practitioners about what can be done to prepare for the future of vulnerability management. This show is brought to you by NopSec.com

Future of Vulnerability Management NopSec

    • Business

    Kyle McNulty on How to Reinvigorate the Vulnerability Management Category

    In today’s episode, NopSec's CEO, Lisa Xu, speaks with Kyle McNulty, entrepreneur and host of the Secure Ventures podcast, a platform for security founders to tell their stories. Kyle is a security consultant and advisor, helping startups balance and implement security amidst competing priorities.
    On the Secure Ventures podcast, Kyle McNulty interviews founders, executives, visionaries, and creators in the cybersecurity industry. The conversations include deep dives into fascinating backgrounds, explanations of transitions into cybersecurity, and the challenges and successes that have shaped their careers.
    Topics discussed: 
    How Kyle kicked off his consulting and podcasting career through cold outreach. 
    The most common challenges Kyle hears from vulnerability management managers. 
    The downside of only addressing the critical and high priority vulnerabilities. 
    The fundamental root causes of vulnerability overload. 
    The multi-dimensional challenges of balancing innovation and managing the vulnerability landscape. 
    How security can be a true enabler to an organization and improve overall business processes.
    How the industry can invigorate the vulnerability management category to better engage security practitioners.
    What surprises Kyle about centralization.
    The importance of automation in vulnerability management to create more stimulus and provide more valuable insights. 
    Kyle’s practical advice for vulnerability management managers to succeed in the future. 

    • 27 min
    Leslie Forbes: Why it’s Important for Security Practitioners to Understand Business Logic to Prioritize Vulnerabilities

    In today’s episode, NopSec's CEO, Lisa Xu, speaks with Leslie Forbes, Vulnerability Management SME at Axonius, a cybersecurity asset management platform. Leslie is a technologist at heart, committed to bridging the gap between the commercial and technological sides. At Axonius, he helps technical account manager and sales engineer teams engage with customers to provide the best expertise in each of the verticals the company supports.
    Topics discussed:
    How Leslie sees vulnerability management challenges across different customers and industry verticals 
    Leslie’s interpretation of risk-based prioritization 
    Data overload across all sources and how to triage assets to better focus on crown jewel assets 
    Why it’s important for security practitioners to understand business logic to better prioritize vulnerabilities 
    Breaking down the fundamental hygiene problem many vulnerability management teams face 
    Measuring the risk of a vulnerability in contrast to the impact of the vulnerability
    The areas in vulnerability management that need automation the most 
    Life cycle management and how to reach the end goal
    Leslie's predictions on the future of vulnerability management

    • 27 min
    Tunde Oni-Daniel: How Organizational Culture Affects Consensus about the Criticality of Assets

    In this episode, NopSec's CEO, Lisa Xu, speaks with Tunde Oni-Daniel, Head of Technology Operations and Engineering at OneMain Financial. OneMain Financial is the leader in offering nonprime customers responsible access to credit and has been dedicated to improving the financial well-being of hardworking Americans since 1912.
    During the episode, Tunde brings his considerable experience in technology operations and engineering to provide a unique perspective on vulnerability management and other critical security concepts. 
    Topics discussed:
    Tunde shares how early in his life, being vulnerable enough to recognize what he didn't know but finding creative ways to attain the knowledge he needed helped shape his career. 
    Based on his experience working in various industries, Tunde talks about his observed differences and similarities in operational risk management.
    Tunde explores some of the challenges organizations experience as they struggle to establish and communicate the criticality of data and other digital assets across their enterprise. 
    Lisa and Tunde dive into the idea that security leaders must continually focus on what is most important to the organization and build resiliency for those assets in their systems.
    The conversation examines the idea that organizational culture affects how well leaders can achieve consensus about the criticality of assets.
    Tunde emphasizes the importance of understanding the language of the board to effectively communicate with executives or stakeholders who are not coming from technology or cyberspace.
    Lisa and Tunde touch on how vulnerability management can affect cyber insurance.

    • 24 min
    Yabing Wang on How Practitioners Can Use Vulnerability Management to Improve Business Objectives

    In this episode, we are joined by Yabing Wang, the CISO at Justworks. Justworks takes the busyness out of growing a business and alleviates the unknown. NopSec's Lisa Xu talks with Yabing about her multifaceted cross-discipline journey to become a leader in the field of cybersecurity. 
    In this interview, Yabing shares her insights into best practices for vulnerability management today, her vision of future security, and how practitioners can use it to improve security for businesses.
    Topics discussed:
    Yabing shares some vulnerable moments that helped shape her career as a leader in the security industry.
    Yabing talks about how her education in philosophy brings value to her as a CISO looking at vulnerability management.
    Lisa and Yabing explore some of the commonalities in vulnerability management across different industries and market segments.
    They discuss prioritizing vulnerabilities and the need for bidirectional automation.
    Some best practices for vulnerability management metrics to mitigate risk are highlighted.
    Yabing shares her perspective on security at a company with a traditional legacy infrastructure versus a cloud-based business-centric approach.
    Yabing and Lisa talk about how cybersecurity is more and more tied to business objectives.
    Yabing explains her leadership style as a woman in a security leadership role.

    • 25 min
    Tim Brown, CISO at SolarWinds, on the Role Vulnerability Management Plays in Proper Cyber Hygiene

    In this episode, Lisa talks with Tim Brown, CISO at SolarWinds. Tim has held many roles in the cybersecurity space, including Fellow, chief architect, distinguished engineer and board advisor. Tim drives the creation, architecture, strategy and external visibility for products and solutions.
    He has helped develop solutions in a number of security-related areas, including vulnerability management, identity management, GRC, antivirus, intrusion detection, encryption, security event management, cloud security, forensics, insider threat, IoT, analytics and managed security services. Tim has 15 issued patents and has developed and enhanced the patent programs.
    Topics discussed: 
    Tim’s most vulnerable moment that shaped his career as a professional 
    What makes good cyber hygiene and the role VM plays 
    Why hygiene is not black and white, but something that should be measured consistently 
    Why just tooling without a VM program in place is ineffective 
    What it’s like to go through such a high profile, high visibility event 
    His takeaways and recommendations for practitioners and defenders 
    How defenders think in lists, attackers think in graphs 
    Tim’s practical advice for practitioners

    • 35 min
    Matt Sharp: How to Bridge the Gap Between Risk Management and Core Business Outcomes

    Matt Sharp is the CISO at LogicWorks, a leading provider of platform-driven cloud operations for AWS and Azure. Before LogicWorks, Matt was head of global information security at Crocs and spent more than a decade with cyber consulting firms like Optiv and Coalfire. Matt is also an author and recently published The CISO Evolution.
    In this episode, Lisa and Matt discuss bridging the gap between security and business units, breaking down silos, and more! 
    Topics include: 
    How future economies built on the backs of digital platforms and in dynamic cloud environments will shape challenges in vulnerability management 
    Matt’s perspective on silos in SecOps teams and how he breaks them down
    How he engages multiple stakeholders to improve the maturity
    How Matt sees the balance of soft and hard skills required to be successful in vulnerability management space
    How to make relevant risk decisions about assets and how to tie them to core business outcomes 
    Why starting a business, automated learning, and finding meaningful ways to augment your programs and perspectives will help vulnerability management managers succeed in the future 
    Resources mentioned: 
    The CISO Evolution

    • 14 min
