Management consultant and educator Peter Drucker has many famous quotes attributed to him, but one of his most memorable by far is “culture eats strategy for breakfast, operational excellence for lunch, and everything else for dinner.” Nowhere is this more apparent than in cybersecurity. A recent survey showed that 30% of your employees think cybersecurity is not their responsibility – 30%! In other words, the perspective that “cybersecurity is an IT problem to solve” persists, despite evidence to the contrary. On this episode of WMD, I will be talking with Amy Omrod, CEO of Cygence, an Australia-based cybersecurity consulting firm providing mission-focused and intelligence-led services to enable clients to reduce risk, and deliver optimal outcomes. Amy explains the importance of building a security first culture to generate sustainable organizational change.

Take a look around. Work is no longer a place you go, but something you engage in. Industries have become cyborg – a physical, human, digital hybrid. This creates intense pressure to maintain the IT infrastructure that is the lifeblood of the cyborg organization. Cybersecurity personnel take on that responsibility, which requires 24/7/365 vigilance. Is it any wonder that cybersecurity people are experiencing burn out at unprecedented levels? Not only is the job demanding, but more and more, cybersecurity personnel are becoming personally liable when security fails. On this episode of WMD, Dr. Tamara Schwartz welcomes back Paul Davis, Field CISO from JFrog to discuss building resilience in your cybersecurity workforce.

The 2017 NotPetya cyberattack exploited the software supply chain when malware was embedded in a routine update of the M.E. Docs software, an accounting software similar to Quicken, which is widely used in Ukraine. This past summer, Crowdstrikecustomers experienced problems when there was an error in a line of code. Although this was not a cyberattack, the impact of this error was widely felt, and both Crowdstrike and IT shops worked hard to provide a remedy as quickly as possible. These events highlight the importance of the software supply chain. On this episode of WMD, Dr. Tamara Schwartz talks with Paul Davis, Field CISO from JFrog, a software supply chain platform that brings together DevOps, DevSecOps, and MLOps to provide end-to-end visibility, security, and control for automating delivery of trusted releases. Paul explains the complexity of software development and the challenges of an open source software development ecosystem, highlighting how a capability like JFrog can bring peace of mind.