A podcast on the journey to discovery through data in information security by Jay Jacobs and Bob Rudis. Episode 5: Fireside chat with David Severski
Episode 5
In this episode, Jay & Bob sit down with David Severski, Manager of the Information Security program at Seattle Children's Hospital, to talk about the challenges & rewards of building a data-driven security program from the ground up. Along the way, they cover education, tools, engaging the community and what lies ahead for data-driven security.
Resources / people featured in the episode:
- David Severski's Blog - https://blog.severski.net/
- Building a Log Analysis Pipeline (David's "ELK" talk)
- Coursera (MOOC with many data analysis courses)
- UW Certificate in Data Science ("You will be equipped with the fundamental tools, techniques and practical experience to acquire valuable insights from data sets at any scale – from gigabytes to petabytes.")
- The Phoenix Project
- Rich Mogull - https://securosis.com/about/team
- Andrew Hay
- Chef, Puppet, Vagrant
In This Episode
| Time Index | Title |
|---|---|
| 00:00:00 | Welcome! |
| 00:01:42 | Introducing David Severski |
| 00:03:50 | Challenges with building a Data-Driven Security program |
| 00:06:43 | How to acquire Data-Driven Security skillsets |
| 00:09:14 | Starting with "Why?" |
| 00:11:18 | Knowing, applying & switching tools |
| 00:16:13 | Is there a need for a new type of security consultancy practice? |
| 00:18:50 | Elasticsearch ALL THE THINGS! + dealing with infrastructure |
| 00:22:42 | Putting a value on your time |
| 00:26:12 | Snapping back to Elasticsearch |
| 00:31:44 | Will this ever be "off-the-shelf"? |
| 00:33:44 | Taking a cue from Netflix, Etsy and others |
| 00:40:01 | A struggling but promising community |
| 00:48:45 | Choose your own data-driven security adventure |
| 00:49:54 | Automating ALL THE THINGS! |
| 00:54:45 | Harnessing the power of the community |
| 01:04:05 | Winding down |