A podcast on the journey to discovery through data in information security by Jay Jacobs and Bob Rudis. Episode 6: Insightful conversation with BitSight’s Stephen Boyer
In this episode, Jay & Bob have a late-night chat with Stephen Boyer, CTO of BitSight, about discerning information about the security health of an organization solely through what can be publicly observed, and the tools & infrastructure such an undertaking requires. You'll also hear Stephen's thoughts on reproducible security research, what he looks for in a data scientist and how to communicate results clearly & effectively.
Resources / people featured in the episode:
- Stephen's Twitter Handle (@swboyer)
- BitSight - https://bitsighttech.com/
- BitSight Insights - (Most recent report)
- Data breach notifications BitSight post. They are tracking the legal side pretty closely and reference some work where we published FOIA results in healthcare.
- Info about reproducible research
In This Episode
Data Driven Security - Episode 6
Introducing Stephen Boyer
hrbrmstr's new gig
A bit about BitSight
What can we measure to tell us how secure an organization is?
Observables & hygiene
What are the challenges in collecting only external public information?
Uncertainty & attribution
Deciding when to acquire more data
Tools of the trade
Foundations on reproducible research
What do you look for in a data scientist/team?
Evolution of a security hygiene index
Securing security data
BitSight Industry Insights Report
The value of an electronic medical record
What advice/guidance can you give to organizations looking to become more data-driven?