The Business of Security
This podcast focuses on many non-technical aspects of cyber risk, cyber security and information security at the intersection of technology and managing to business expectations. Guests include CIOs, CEOs, and CISOs discussing the many facets of the information security industry, what matters, what needs to change and how to deal with modern-day challenges in this dynamic industry.
The Business of Security
#13 - Adam Shostack, President, Shostack & Associates - Real Business Value with Threat Modeling
Adam Shostack is the author of the book titled Threat Modeling: Designing for Security (Wiley, 2014). He also is a co-author of The New School of Information Security (Addison-Wesley, 2008). Adam is a veteran in the cyber security industry having spent over eight years with Microsoft where he focused on threat model tools and techniques. In this episode Ron and Adam discuss the ROI of threat modeling as well as address the fear security practitioners sometimes have with the agile development process. Adam leaves us with his top three items business leaders must know! Don't miss it.
Reach Adam on Twitter:
@adamshostack
Threat Modeling Book:
https://threatmodelingbook.com