Building Security in Depth – Becky Elliott – Ep113

There isn’t a day goes by that our IT security isn’t under threat, been tested or questioned, it is a continual headache for organisations of all types, from ransomware to targeted attacks the issues are constant and of the highest priority to most of us.

Sadly, there is no magic button that takes away all our security woes, building IT security is difficult, multi-faceted and multi-layered. Earlier this year I read a great series of articles from a friend of mine over on Solarwinds Orangematters community site, this series looked at the importance of taking a multi-layered approach to security and building a Security In-Depth Strategy, ever since reading those articles I thought it would make a great podcast episode.

112719_1135_BuildingSec2.jpgWell, this week here it is, as I’m joined by Becky Elliott an experienced IT professional who, based in the US, has worked in some of the most secure infrastructures you will see, as well some places security was a little more “loose”. Currently Becky is working as a freelance consultant and blogger and has been creating some great IT related content, so hopefully this episode adds to that fine body of work!

In this episode we explore the series that Becky produced, the inspiration for it and her experiences of each of the topics she covered;

  • Why we need Security in depth
  • Judging a company’s security posture by its patching!
  • Security still an afterthought
  • Importance of security buy-in
  • When trust but verify isn’t enough
  • The weakest security link might be you
  • The story patching tells
  • Logs, logs and more logs
  • What security layers to consider
  • User education
  • Make security the path of least resistance
  • Security is hard!

As a first-time podcaster, Becky made a great guest, with lots of excellent insights that I hope you’ll learn as much from as I did. To find more from Becky you can follow her on twitter @beckylelliott and you can also read her latest blogs, a great mix of technology and career on her website beckyelliott.com .

If you have ideas for the show or would like to be a guest you can email podcast@techstringy.com and as always thanks for listening.

For more details on the topics covered Becky’s original series of articles can be found at the links below.

https://orangematter.solarwinds.com/2019/05/22/when-trust-but-verify-isnt-enough-life-in-a-zero-trust-world/

https://orangematter.solarwinds.com/2019/06/03/the-weakest-security-link-might-be-you/

https://orangematter.solarwinds.com/2019/06/14/the-story-patching-tells/

https://orangematter.solarwinds.com/2019/07/01/logs-logs-and-more-logs-why-you-need-siem-and-how-to-make-it-more-effective/

https://orangematter.solarwinds.com/2019/07/15/information-security-defense-in-depth-style/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.