“We’re always fighting the last war” — that’s a phrase historians like to use because policymakers and others tend to be so focused on the threats they already know, and our mindsets and organizational structures are oriented to respond that way as well. And in the “situation room” of nation states (including the intelligence briefing war rooms in the White House), much of the security conversation is necessarily focused on the worst possible scenarios, broader context, and attribution as well. Companies, however, unlike nation states, do not have to worry so much about attribution (who did this? why) or even as much about the sexy, headline-grabbing threats. In fact, they may be better off focusing on security hygiene and basic metrics for assessing risk in the boardroom — much like they review financials regularly — argue the guests in this hallway-style conversation episode of the CFI Podcast.
Herb Lin, who is Senior Research Scholar for Cyber Policy and Security at the Center for International Security and Cooperation and is also at the Hoover Institution, both at Stanford University; David Damato, Chief Security Officer at Tanium; and CFI policy team partner Matt Spence (who among other things previously spent time at the White House working with the National Security Council) begin by sharing their views on the term “cybersecurity” …and end up with practical advice for a security boardroom 101. No matter what, security should have a seat at the table.
Sonal Chokshi is Editor in Chief of Crypto at Andreessen Horowitz.
David Damato
Herb Lin
Matt Spence
The CFI Podcast discusses the most important ideas within technology with the people building it. Each episode aims to put listeners ahead of the curve, covering topics like AI, energy, genomics, space, and more.