The Balancing Act by Security Compass

Today we are joined by Altaz Valani from Security Compass and Andy Woyzbun, Management Consultant at Woyzbun Advisory, to discuss how a CIO drives a cybersecurity strategy. In this podcast, we will talk about clearly defining and communicating security policies; guiding employees to execute these policies; and using guardrails to assess whether security policies are being enforced effectively. Ultimately, it’s about balancing a cybersecurity strategy against the needs of business enablement.

Today we are joined by Altaz Valani from Security Compass and Spencer Koch, Security Wizard at Reddit, to discuss the importance of a proactive security mindset across the software security life cycle. Proactive often means using tools, but these tools are useful only if they help reduce process overhead. Blindly shifting security responsibilities to tool results in more overhead through false positives. In this podcast, we will talk about a lean process mindset that shifts the discussion “to the left” (before SAST, DAST, and Pentesting) and helps to identify where waste can be eliminated — and that is what enables proactive security.

Spencer is an offensive security professional with extensive experience in both consulting and industry. He has also served as the North American CISO at a large energy company.

Today we are joined by Altaz Valani from Security Compass and Lynn Carter, Consultant and former Professor at Carnegie Mellon University, to talk about the importance of clearly identifying security training objectives. In this podcast, we will delve into why it is important to build long-term behavioral changes into your program vision for sustainable security training. A thoughtful approach to training can help bridge the gap between business and security teams.

Today we are joined by Altaz Valani from Security Compass and Malu Septien Milan, President of Cryptopon, to discuss how you can balance software development risk at all levels of an organization. In this podcast, we are exploring the tension between automation and controls with a focus on providing value to the end customer.

Today we are joined by Rohit Sethi from Security Compass and Dan Fritsche, Founder, and CEO at Alpine Security Consulting, to talk about balancing speed and risk in payments. In this podcast, Dan will share his experience with security and the continuous need for innovation fueled by customer demand in the payments space.

Today we are joined by Altaz Valani from Security Compass and Vicky Hailey, Certified Management Consultant at VHG, to discuss how you can tie your software development programs and processes to business value. In this podcast, we will talk about the importance of focusing on customer and stakeholder needs first — only then can we drive out the right software development programs and practices that contextually balance these needs.

Listen in on a brief discussion around Privacy and Contact Tracing. Our research team from Security Compass discusses several relevant issues from the need to gain public trust, developing secure apps, data accuracy, and managing the data lifecycle all while trying to balance public safety and utility.

Today we are joined by Kevin Delaney, Director of Solutions Engineering at Security Compass who will share a useful, bite-sized analogy on the importance of fostering meaningful collaboration between security and engineering teams.

Today we are joined by Altaz Valani from Security Compass and Glen Notman, Associate Partner at Citihub, to discuss how we can engage different stakeholders to adopt a balanced development approach. In this podcast, we will go into the details of how the “technical” automation-for-speed perspective is shifting to a “business-centric” perspective of automation-for-balance, which includes risk and security.

In this episode, Security Compass' Altaz Valani is joined by Ayhan Tek, VP of Information Security at Cyber Electra, to discuss how DevOps automation is shifting to include balanced development for software security. As we inject security, risk, and compliance into software development, we will explore how automation can improve product security and time to market.