George Kamide

Which is to say, like, no other humans have had to deal with this level of complexity. We're talking about code level complexity. Like, is somebody going to brick all the John Deere machines through, you know, some vulnerability? Is somebody going to ransomware just key suppliers like JBS? And so it's fine to say, like, I think I have it, but I'm going to this is my process for making sure like.

Which is to say, like, no other humans have had to deal with this level of complexity. We're talking about code level complexity. Like, is somebody going to brick all the John Deere machines through, you know, some vulnerability? Is somebody going to ransomware just key suppliers like JBS? And so it's fine to say, like, I think I have it, but I'm going to this is my process for making sure like.

Who are you to think? I mean, no other part of the economy has ever been this complex. And that's sort of like the crazy thing about living in the present is it is always at its most material complex. And so it should be fine to be like, I don't know. I'm not certain. It's, you know, let's check that.

Who are you to think? I mean, no other part of the economy has ever been this complex. And that's sort of like the crazy thing about living in the present is it is always at its most material complex. And so it should be fine to be like, I don't know. I'm not certain. It's, you know, let's check that.

Yeah, there's a joke to be made about silos, given that we're talking about farming. I will not make it. But to your point about people and culture, which is a word I've probably overused this episode, is also creating a culture where people can dissent, where they can argue, where they can raise issues, right? If

Yeah, there's a joke to be made about silos, given that we're talking about farming. I will not make it. But to your point about people and culture, which is a word I've probably overused this episode, is also creating a culture where people can dissent, where they can argue, where they can raise issues, right? If

If we post 9-11, try to empower literally every citizen of these United States to, if you see, say something, say something. But we do not allow that, I guess, break from the rank and file in our internal teams. Like, no, who are you junior analysts to like raise this concern? This is an obvious problem. Right.

If we post 9-11, try to empower literally every citizen of these United States to, if you see, say something, say something. But we do not allow that, I guess, break from the rank and file in our internal teams. Like, no, who are you junior analysts to like raise this concern? This is an obvious problem. Right.

So you're not going to tech your way out of it, but you can build processes where people can either review each other's work or they can begin to say and feel comfortable raising their hand. I think that's from and, you know, best case scenario, they're wrong. Great. And but you have like don't use that as a punishment against them.

So you're not going to tech your way out of it, but you can build processes where people can either review each other's work or they can begin to say and feel comfortable raising their hand. I think that's from and, you know, best case scenario, they're wrong. Great. And but you have like don't use that as a punishment against them.

And as long as it's, yeah, as long as it's good faith and it's not, you know, boy who cried wolf. But like, I don't, again, especially from a CISO perspective, you know, 90% of the CISO's job is not like hands-on keys. It's, it is negotiating these different processes inside an organization may, and again, procuring technology, small portion of that pie of responsibility.

And as long as it's, yeah, as long as it's good faith and it's not, you know, boy who cried wolf. But like, I don't, again, especially from a CISO perspective, you know, 90% of the CISO's job is not like hands-on keys. It's, it is negotiating these different processes inside an organization may, and again, procuring technology, small portion of that pie of responsibility.

And so to imagine that like the upper echelons of a security organization can keep a read on the pulse of everything is sort of delusional, right?

And so to imagine that like the upper echelons of a security organization can keep a read on the pulse of everything is sort of delusional, right?

You actually do rely on the people who are, they're watching the logs or intercepting the packets or whatever, doing that work and then being, feeling empowered to stop the presses, push the button, whatever it is to pause and like, let's review what looks to be an anomalous event or whatever, and, or

You actually do rely on the people who are, they're watching the logs or intercepting the packets or whatever, doing that work and then being, feeling empowered to stop the presses, push the button, whatever it is to pause and like, let's review what looks to be an anomalous event or whatever, and, or

you know just architecting your teams to have that because right now i think the way we have built our teams is built around an old-fashioned model of how we works like network switches in the basement we don't longer have that it's in the cloud right code built in-house yes but also third-party code repos And even human specialization, right? You are the insider risk manager.

you know just architecting your teams to have that because right now i think the way we have built our teams is built around an old-fashioned model of how we works like network switches in the basement we don't longer have that it's in the cloud right code built in-house yes but also third-party code repos And even human specialization, right? You are the insider risk manager.

You are the SOC analyst. You are the tier two SOC analyst. You are the incident responder. You're the forensic person. The volume and complexity that we're dealing with today, I think we need to learn new ways and experiment with new ways to make ourselves a little bit more agile, not in the code dev sense, but like being able to respond because

You are the SOC analyst. You are the tier two SOC analyst. You are the incident responder. You're the forensic person. The volume and complexity that we're dealing with today, I think we need to learn new ways and experiment with new ways to make ourselves a little bit more agile, not in the code dev sense, but like being able to respond because