25 min
Jim Scott: How to make security and vulnerability management a priority Future of Exposure Management
-
- Business
In this episode we speak with Jim Scott, Manager of Information Security at Insurance Auto Auction (IAA). Jim has more than 15 years of diverse experience leading security projects and corporate information initiatives. We get into his early days of working in cybersecurity, how it has evolved into a passion, and how we can succeed if we see security as more than just a technology problem.
Other topics discussed:
The pushback and challenges of making security a priority
The long-term value a company can realize by prioritizing security
How application security and vulnerability management is constantly changing
Relationships between the business and security, and how to bridge the differences
Overcoming the perception that security is not a “revenue generator,”
How to speak to clients in relatable and non-technical terms
Respecting failure and using it as a tool for learning
Whether we have enough people working in vulnerability management
How to measure the ROI of vulnerability management (and whether it is even measurable)
In this episode we speak with Jim Scott, Manager of Information Security at Insurance Auto Auction (IAA). Jim has more than 15 years of diverse experience leading security projects and corporate information initiatives. We get into his early days of working in cybersecurity, how it has evolved into a passion, and how we can succeed if we see security as more than just a technology problem.
Other topics discussed:
The pushback and challenges of making security a priority
The long-term value a company can realize by prioritizing security
How application security and vulnerability management is constantly changing
Relationships between the business and security, and how to bridge the differences
Overcoming the perception that security is not a “revenue generator,”
How to speak to clients in relatable and non-technical terms
Respecting failure and using it as a tool for learning
Whether we have enough people working in vulnerability management
How to measure the ROI of vulnerability management (and whether it is even measurable)
25 min