PodParley PodParley
PodParley PodParley
Log in

Safety vs. Security: Why Words Matter with Sounil Yu

Episode 7 of the CTRLPhreaks podcast, hosted by Clarissa Lucas & Bill Bensing, titled "Safety vs. Security: Why Words Matter with Sounil Yu" was published on April 26, 2024 and runs 45 minutes.

April 26, 2024 ·45m · CTRLPhreaks

0:00 / 0:00

Episode Description

Summary

Sounil Yu, author of Cyber Defense Matrix, discusses the importance of terminology in cybersecurity and the distinction between safety and security. He explains how the Cyber Defense Matrix helps organize and identify gaps in security capabilities. He also introduces the concept of the D.I.E. Triad (distributed, immutable, ephemeral) and how it can reduce the impact of liabilities in cybersecurity. The conversation highlights the need to redefine the economic equation of cybersecurity from a cost to an investment. The talk explores the concepts of cyber safety and cybersecurity and how they relate to risk management and defense strategies. The guests discuss the importance of having necessary defenses in place, even for smaller businesses that may not be direct targets. They also delve into the three-line model and how it aligns with the cyber defense matrix. The matrix is a valuable tool for understanding the full scope of cybersecurity and making risk-based decisions. The conversation emphasizes the need for a common language and understanding between tech and audit professionals.

Takeaways

  • Terminology is crucial in cybersecurity to ensure clear communication and understanding.
  • The Cyber Defense Matrix helps organize and identify gaps in security capabilities.
  • The D.I.E. triad (distributed, immutable, ephemeral) can reduce the impact of liabilities in cybersecurity.
  • Redefining the economic equation of cybersecurity from a cost to an investment is essential. Having necessary defenses in place is vital for all organizations, regardless of their size or direct targeting.
  • The cyber defense matrix is a helpful tool for understanding the full scope of cybersecurity and making risk-based decisions.
  • Common language and understanding between tech and audit professionals are crucial for effective communication and collaboration.
  • Risk tolerance and appetite should clearly articulate and align with the organization's goals and resources.
  • The cyber defense matrix can be used as an assurance map to identify controls and risk coverage gaps.

Chapters


00:00 Introduction and Background

06:18 The D.I.E. Triad

14:13 The Importance of Terminology

26:40 Risk Tolerance and Risk Appetite

35:07 The Role of Language and Common Understanding

Share this episode

Similar Episodes

No similar episodes found.

Similar Podcasts

No similar podcasts found.

URL copied to clipboard!