ออฟไลน์ด้วยแอป Player FM !
Episode 49 - Have Your Bunnies at the Ready
Manage episode 288912234 series 2706360
April 1st!
https://www.facebook.com/burgerking/posts/4438200159526619
https://twitter.com/VW/status/1376868756782219266
https://www.animationmagazine.net/tv/the-cats-out-of-the-bag-cn-rebrands-as-cat-toon-network/
This week in Infosec
Liberated from the “today in infosec” twitter account:
- 27th March 1979: 33-year-old computer consultant Stanley Mark Rifkin was sentenced to 8 years in prison for stealing $10.2 million from a bank via computer. Federal District Judge Matthew‐Byrne Jr., rejecting an appeal from Mr. Rifkin that he be placed on probation.
https://twitter.com/todayininfosec/status/1243427187165814785
Rant of the Week
Whistleblower: Ubiquiti Breach "Catastrophic"
https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/
Billy Big Balls
Thoughts on Selling to Security Leaders
Jason Chan - VP Security Netflix
- If I ask to not be contacted by your company, ensure that fulfilling my request covers all channels (phone, LinkedIn, email, snail mail, etc.) and extends to your colleagues.
- Don’t sell based on FUD (Fear, Uncertainty, and Doubt). Security is a tough field to work in, and bad things happen. I don’t need scare tactics from sales folks.
- It’s fine to follow up to an unanswered message - once. And give it at least a week between messages. If someone doesn’t respond after the second reachout, it’s likely they are not interested. I’d not have time to do my job if I replied or unsubscribed to every reach out I receive.
- Don’t assume you understand the problems I’m facing or that you know what should be at the top of my priority list. Every organization has a different threat model, culture, and risk tolerance.
- If you’re selling something, don’t ask to “pick my brain” or for “feedback on your approach.”
- DO NOT CALL ME ON THE PHONE. There is no situation where I'm looking to have this conversation. Email or LinkedIn is fine.
- If you’re working with someone on my team, don’t escalate to me if things don’t go your way. I trust my team to make good decisions.
- Your solution or product doesn’t solve every security problem. That’s okay, I don’t expect it to. Just be clear about the value you believe your solution brings.
- Your solution won’t save me from the next [INSERT BREACH/EXPLOIT/VULNERABILITY] here. Don’t say it will. Perhaps it’s additive or helpful, but operating a security program successfully is complex and involves people and technology working together. Again, just be clear about your product’s value.
- Don’t offer me a gift card, gift, or cash in exchange for a meeting. Just no.
- Keep your word, and follow up on time if and when asked. I appreciate folks who meet their commitments and respect my time.
- If I’m a customer, think long term partnership vs. transactional sale. There is a lot of overhead to switching vendors and I appreciate folks that I can build a long term, mutually beneficial relationship with.
Industry News
Burned Out Employees Put Corporate Security at Risk
Aussie TV Network Taken Off Air by Ransomware
German MPs Hit by Russian-Backed Phishing Attacks
Cyberbullying Linked to Social Media Addiction
UK Cyber Security Council Officially Launches as Independent Body
CISA and RH-ISAC to Run Cybersecurity Drill
Three-Quarters of Legal Breaches Caused by Insiders
Most Global Chip Companies Show Signs of Compromise
Tweet of the Week
https://twitter.com/0x26d/status/1377415060759269377
Come on! Like and bloody well subscribe!
192 ตอน
Manage episode 288912234 series 2706360
April 1st!
https://www.facebook.com/burgerking/posts/4438200159526619
https://twitter.com/VW/status/1376868756782219266
https://www.animationmagazine.net/tv/the-cats-out-of-the-bag-cn-rebrands-as-cat-toon-network/
This week in Infosec
Liberated from the “today in infosec” twitter account:
- 27th March 1979: 33-year-old computer consultant Stanley Mark Rifkin was sentenced to 8 years in prison for stealing $10.2 million from a bank via computer. Federal District Judge Matthew‐Byrne Jr., rejecting an appeal from Mr. Rifkin that he be placed on probation.
https://twitter.com/todayininfosec/status/1243427187165814785
Rant of the Week
Whistleblower: Ubiquiti Breach "Catastrophic"
https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/
Billy Big Balls
Thoughts on Selling to Security Leaders
Jason Chan - VP Security Netflix
- If I ask to not be contacted by your company, ensure that fulfilling my request covers all channels (phone, LinkedIn, email, snail mail, etc.) and extends to your colleagues.
- Don’t sell based on FUD (Fear, Uncertainty, and Doubt). Security is a tough field to work in, and bad things happen. I don’t need scare tactics from sales folks.
- It’s fine to follow up to an unanswered message - once. And give it at least a week between messages. If someone doesn’t respond after the second reachout, it’s likely they are not interested. I’d not have time to do my job if I replied or unsubscribed to every reach out I receive.
- Don’t assume you understand the problems I’m facing or that you know what should be at the top of my priority list. Every organization has a different threat model, culture, and risk tolerance.
- If you’re selling something, don’t ask to “pick my brain” or for “feedback on your approach.”
- DO NOT CALL ME ON THE PHONE. There is no situation where I'm looking to have this conversation. Email or LinkedIn is fine.
- If you’re working with someone on my team, don’t escalate to me if things don’t go your way. I trust my team to make good decisions.
- Your solution or product doesn’t solve every security problem. That’s okay, I don’t expect it to. Just be clear about the value you believe your solution brings.
- Your solution won’t save me from the next [INSERT BREACH/EXPLOIT/VULNERABILITY] here. Don’t say it will. Perhaps it’s additive or helpful, but operating a security program successfully is complex and involves people and technology working together. Again, just be clear about your product’s value.
- Don’t offer me a gift card, gift, or cash in exchange for a meeting. Just no.
- Keep your word, and follow up on time if and when asked. I appreciate folks who meet their commitments and respect my time.
- If I’m a customer, think long term partnership vs. transactional sale. There is a lot of overhead to switching vendors and I appreciate folks that I can build a long term, mutually beneficial relationship with.
Industry News
Burned Out Employees Put Corporate Security at Risk
Aussie TV Network Taken Off Air by Ransomware
German MPs Hit by Russian-Backed Phishing Attacks
Cyberbullying Linked to Social Media Addiction
UK Cyber Security Council Officially Launches as Independent Body
CISA and RH-ISAC to Run Cybersecurity Drill
Three-Quarters of Legal Breaches Caused by Insiders
Most Global Chip Companies Show Signs of Compromise
Tweet of the Week
https://twitter.com/0x26d/status/1377415060759269377
Come on! Like and bloody well subscribe!
192 ตอน
ทุกตอน
×ขอต้อนรับสู่ Player FM!
Player FM กำลังหาเว็บ