#88 - Tackling 3 Really Hard Problems in Cyber (with Andy Ellis)

Explicit

This episode of CISO Tradecraft, Andy Ellis from Orca Security stops by to talk about three really hard problems that CISOs have struggled with for decades. 

1. How do we build a phishing program that works?
2. How do we build a 3rd party risk management program that isn't a paper exercise?
3. How do we actually get good at patch management?

Stick around for some great answers such as:

• Human error is a system in need of redesign
• How do we put every employee on an island protected from the company?
• If we stopped doing this practice/process, then how would the world be different?
• What data/transactions does this third party have access to ...