QOMPLX CISO Andy Jaquith was a guest on the With Ingram podcast, talking about the fast-changing nature of cyber risk, COVID, hardware supply chains and the infamous Hamster Wheel of Pain.
Our revered CISO, Andy Jaquith, is always worth a listen. For one thing, Andy literally wrote the book on measurable information security. (That book, by the way, is Security Metrics: Replacing Fear, Uncertainty, and Doubt.) He also has a wealth of real-world experience. Before joining QOMPLX, Andy was Managing Director and Global Operational Risk Officer for Cyber and Information Risk at JPMorgan Chase, with responsibility for regulatory affairs and second-line cyber risk management.
So getting a peek into Andy's brain is always an interesting and worthwhile experience for any information security professional. Podcast host and former intelligence pro Philip Ingram is the latest to have had the pleasure of doing so. On April 3, Andy sat down with Philip on Ingram’s podcast, With Ingram. Their conversation can be found here.
+ The current hype around security issues with the Zoom teleconferencing platform.
+ The origin of the term ‘hamster wheel of pain’, coined by Jaquith, which refers to the patch/scan/repeat cycle CISOs find themselves in. How is it possible to break free of this cycle?
+ The importance of IT inventory: as a CISO, do you know what’s actually on your network?
+ Hardware supply chain risk and the controversy over the Bloomberg SuperMicro story.
+ How COVID-19 and working from home disrupt the analytics and baseline normally created by standard work patterns.
+ The role of the GDPR, its initial implementation, and consequences.
+ Risk and the nature of risk, including compliance, human error, and cyber. What processes need to be put in place to control as much of that risk as possible? What role does QOMPLX play in managing that risk?