In this episode of Phishy Business, we talk about the improper mindset of not thinking about security until after you have been breached, and some of the major problems this can cause. We do this through the lens of SIEM, ethical hacking, and a focus on the need for leadership in teaching organizations how to be secure. We also discuss how some IT leaders try to keep the results of pen testing quiet.

Our special guest is Dez Rock, CEO of SIEMonster. After dropping out of law school, Dez became an entrepreneur and has run businesses for the last 20 years. Dez has spent a good deal of time in ethical hacking, building great experiences and great stories over the years with both physical and virtual security. She also has plenty of great insights about being a female CEO with ADHD in the cybersecurity industry.

In ‘Exposing Shortcomings in Cybersecurity Leadership and why we need more Dana Scullys’, we discuss:

• What made Dez and her team successful as ethical hackers and how this helped make their product better.
• How there needs to be more transparency about cybercrime, not only between organizations, but within them as well.
• Why boards need to realize that the fact they haven’t been breached makes them low hanging fruit.
• What security decision makers think of vendor marketing and what they also should be aware of when it comes to marketing budgets and tactics.
• The importance of democratizing security.
• The major limitations of adopting point solutions and not thinking of the whole ecosystem.
• The importance of a neurodiverse workforce in cybersecurity and any industry.
• Dez’s experiences as a female CEO.
• How more women need to be represented in STEM careers to get more diversity in these roles.