Podcast: CYA - Cover Your Assets with Chris Roberts

August 9, 2021
by
Mark Miller

People | Process | Technology Podcast · CYA - Cover Your Assets with Chris Roberts

A couple weeks ago I read an article by Chris Roberts. The headline screamed, "Security Solved!"

Security solved? What the hell was he talking about. Everyday there's a new media storm around the latest breach or ransomware attack. There's an entire industry built around the idea that security is hard, and the need for special equipment, software and people to even think about being secure. 

Chris was insistent. He professed that security is not hard nor complicated. Not only does he consider it inexpensive and undemanding to do the right thing, his premise is it's easy to get the simple stuff sorted. I called Chris to get clarification on what he was talking about. As we got deeper into the discussion, we both realized this was a topic that needed more exposure. If there really is a simple way to implement security, the world should hear about it.

We invited people to participate in the recording of our discussion. You'll hear us reference people who were online with us, sending chat messages and questions. This session is a little longer that our usual podcast, but what's here is important. Chris says it's easy, I say it's not, and then we get into it. 

We start when I ask Chris to give us a little about his background. You'll be able to tell right from the start, this isn't going to be your ordinary podcast. 

Notes for this broadcast:

Basic Premise on Security

  • This isn't hard.
  • This isn't complicated.
  • This doesn't have to be expensive.
  • This doesn't need fancy words
  • This doesn't require gilted certificates
  • This isn't demanding
  • This needs no awards
  • This isn't covered in glory.

Step-by-Step:

  1. Assets, what do you have?
  2. Assets, where are they?
  3. Who's got access to them?
  4. What DO they do, what is their purpose?
  5. What's on them?
  6. Which ones do you need to care about?

Resources for the article

 

Mark Miller
Mark Miller

Mark Miller speaks and writes extensively on DevSecOps and Cybersecurity. He has published 9 books, including "Modern Cybersecurity: Tales from the Near-Distant Future"

More blog posts by
Mark Miller

Stay Connected

Subscribe to the latest JupiterOne news

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Keep Reading

Introducing Continuous Controls Monitoring (CCM) | JupiterOne
November 7, 2024
Blog
Introducing Continuous Controls Monitoring (CCM)

CCM delivers real-time visibility, proactive risk management, and streamlined compliance for security.

Now Available: JupiterOne’s Public Postman Workspace | JupiterOne
October 31, 2024
Blog
Now Available: JupiterOne’s Public Postman Workspace

Explore JupiterOne’s Public Postman Workspace to streamline your workflows and enhance your security operations.

Prioritizing Exploitable Vulnerabilities to Protect Your Business Critical Assets | JupiterOne
October 16, 2024
Blog
Prioritizing Exploitable Vulnerabilities to Protect Your Business Critical Assets

Vulnerability scanners flood teams with alerts, but CTEM helps prioritize based on exploitability and business impact, ensuring focus on the most critical threats.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.