47 min
Security is a process Cloud Security Today
-
- Technology
Send us a Text Message.
Episode Summary
On this episode, Co-Founder and CTO of Gutsy, John Morello, joins Matt to talk about Process Mining in Cybersecurity. Before co-founding Gutsy, John served as the CTO of Twistlock and VP of Product for Prisma Cloud.
John holds multiple cybersecurity patents and is an author of NIST SP 800-190, the Container Security Guide. Before Twistlock, he was the CISO of an S&P 500 global chemical company. Before that, he spent 14 years at Microsoft, working on security technologies in Windows and Azure and consulting on security projects across the DoD, intelligence community, and at the White House.
John graduated summa cum laude from LSU and lives in Baton Rouge with his wife and two sons. A lifelong outdoorsman and NAUI Master Diver and Rescue Diver, he's the former board chair of the Coalition to Restore Coastal Louisiana and a current Coastal Conservation Association board member.
Today, John talks about governance challenges in cybersecurity, the importance of security as a process, and how to apply process mining. How is process mining useful in cybersecurity? Hear about process mining human actions and unstructured sources, and how John manages to stay sharp.
Timestamp Segments
· [02:20] John’s cybersecurity journey.
· [07:43] Pivotal moments in John’s career.
· [10:23] The most pressing governance challenges.
· [14:07] What is process mining?
· [19:03] How process mining can benefit certain functions.
· [21:09] Security as a process, not a product.
· [25:37] Why there’s not more focus on process.
· [32:03] Applying process mining.
· [38:07] Filling in the gaps.
· [42:03] How John stays sharp.
Notable Quotes
· “Security is a process, not a product.”
· “In security, inefficiency and inconsistency are highly correlated with risk.”
· “Almost everything in security is about process.”
Relevant Links
Website: gutsy.com.
LinkedIn: www.linkedin.com/in/john-morello.
Secure applications from code to cloud.Prisma Cloud, the most complete cloud-native application protection platform (CNAPP).Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Send us a Text Message.
Episode Summary
On this episode, Co-Founder and CTO of Gutsy, John Morello, joins Matt to talk about Process Mining in Cybersecurity. Before co-founding Gutsy, John served as the CTO of Twistlock and VP of Product for Prisma Cloud.
John holds multiple cybersecurity patents and is an author of NIST SP 800-190, the Container Security Guide. Before Twistlock, he was the CISO of an S&P 500 global chemical company. Before that, he spent 14 years at Microsoft, working on security technologies in Windows and Azure and consulting on security projects across the DoD, intelligence community, and at the White House.
John graduated summa cum laude from LSU and lives in Baton Rouge with his wife and two sons. A lifelong outdoorsman and NAUI Master Diver and Rescue Diver, he's the former board chair of the Coalition to Restore Coastal Louisiana and a current Coastal Conservation Association board member.
Today, John talks about governance challenges in cybersecurity, the importance of security as a process, and how to apply process mining. How is process mining useful in cybersecurity? Hear about process mining human actions and unstructured sources, and how John manages to stay sharp.
Timestamp Segments
· [02:20] John’s cybersecurity journey.
· [07:43] Pivotal moments in John’s career.
· [10:23] The most pressing governance challenges.
· [14:07] What is process mining?
· [19:03] How process mining can benefit certain functions.
· [21:09] Security as a process, not a product.
· [25:37] Why there’s not more focus on process.
· [32:03] Applying process mining.
· [38:07] Filling in the gaps.
· [42:03] How John stays sharp.
Notable Quotes
· “Security is a process, not a product.”
· “In security, inefficiency and inconsistency are highly correlated with risk.”
· “Almost everything in security is about process.”
Relevant Links
Website: gutsy.com.
LinkedIn: www.linkedin.com/in/john-morello.
Secure applications from code to cloud.Prisma Cloud, the most complete cloud-native application protection platform (CNAPP).Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
47 min