ISSA Middle Tennessee Chapter
A glimpse into the future of cybersecurity at InfoSec Nashville 2019
Hundreds of cybersecurity professionals, innovators, and IT leaders came together to network, share best practices, and brainstorm how to address the most pressing challenges in cybersecurity at InfoSec Nashville 2019.
We had the opportunity to sit down with several cybersecurity thought leaders to discuss the latest industry trends and to hear their perspectives on where cybersecurity is today, and where it could go tomorrow. Here are some of those perspectives:
Cloud Range Cyber CEO Debbie Gordon discussed how cyber ranges, a simulation tool developed for the Israeli military, can help to address the skill shortage in cybersecurity. Cyber ranges allow cybersecurity professionals to gain experience and develop their skills in a simulated environment. Gordon underscored the importance of practice and experience-building in cybersecurity, emphasizing that people are the last line of defence against cyberattacks.
President of Kraft Technology Group Don Baham shared his thoughts on what businesses should be doing to prepare themselves from the rise in cyber threats, and how basic security measures could prevent a huge percentage of cyberattacks. He also advocated for small businesses to develop relationships with the cybersecurity community before they are targeted.
HCA Healthcare Security Threat Engineer Justin Hysler unpacked why cybersecurity is a patient safety issue for healthcare companies, explaining that vulnerabilities in essential healthcare systems must be exposed and addressed before they’re exploited. He discussed the challenges of implementing cybersecurity measures in the healthcare world, but shared his optimism that cybersecurity will be increasingly prioritized.
BJ Withrow, a major account manager with Tenable Security, explained how assessing cybersecurity vulnerabilities based on risk can help companies effectively prioritize security threats. He urged cybersecurity professionals to take a step back from the tactical to look at the big picture, evaluating the tools available and whether they’re being integrated into a security strategy.
Mark Burnette, co-founder of InfoSec Nashville and shareholder-in-charge at LBMC Information Security, dove into his new book for cybersecurity leaders, Risky Business. He advocated that good cybersecurity leaders must grow beyond technical expertise to develop leadership characteristics. He emphasized that communication skills in particular are an essential area for growth, explaining that cybersecurity leaders must be able to translate technical language for their clients.
LBMC Information Security Manager Sheryl Benedict offered some helpful ways to minimize what she calls “geek-speak” when discussing cybersecurity needs and solutions with your management team. She also highlighted the value of conferences like InfoSec Nashville that allow cybersecurity professionals to network, share best practices, and learn how to protect their enterprises more effectively as a community.
Justin Bumpus, solution architect and information security team member at Tractor Supply Company, unpacked how to show your management team how cybersecurity is bringing value to their business. He shared strategies for tying cybersecurity into industry buzz and encouraged information security professionals to advocate for resources by telling the story of the work they do every day.
Rob Tudor, Director of IT Partnerships at Nashville State Community College, discussed the shortage of IT professionals and the future of the tech workforce in Middle Tennessee. He urged business and HR leaders to reexamine job descriptions and turn to entry-level candidates and candidates with two-year degrees as viable sources of talent.
Change Healthcare Director of Information Security and ISSA Middle Tennessee Chapter Treasurer Susan Richards took us behind the scenes of InfoSec Nashville to highlight what makes this conference such a unique gathering. She also advocated for a new approach to talent development and hiring in cybersecurity, urging industry leaders to give talented professionals a chance.
Ashley McLone, a technical account manager at Tanium, highlighted the danger of PowerShell malware and explained how to easily detect it. He also shared his enthusiasm for the cybersecurity community and for conferences like InfoSec Nashville.
CyberMaxx President and COO Jason Riddle argued that, rather than chasing new technologies to address cybersecurity breaches, we have to get back to the fundamentals. He urged companies to invest in talent rather than in short-term solutions, and advised a renewed focus on preparedness and patch-management processes.
The InfoSec Nashville 2019 podcast is sponsored by ExtraHop, providing enterprise cyber analytics that deliver security and performance from the inside out. For more information, visit extrahop.com.