My top security topics
One of the best things about working in cybersecurity is that it's always changing. There are always new things to learn and think about. Here are some of the areas of security that I'm thinking about the most right now:

- Securing the digital supply chain
- The evolution of cloud-native security
- Internet of Things (IoT) security
- The human element of security
- Securing web3 and blockchain

I'll take them one by one this week and share some quick thoughts on why I think they're interes...
Poor man’s Gong
If you’re someone who works with me, you may have noticed that I ask to record our Zoom calls more often than I used to. There’s a reason for this. While I can’t justify the cost of a revenue intelligence platform like Gong for my small shop, I made up my own poor man’s version. Here’s how it works.

1. Download and install Descript. (There’s a free version.)
2. Hit the record button on a Zoom call and pick the “Record on this computer” option.
3. After the Zoom call ends, drag the video file that Zoom sp...
Welcome to the simulation
OK, now that the marketing guy explained what Zero Trust is, let’s get into some ways to give security buyers a plan for it (that hopefully includes some of you). There’s a real danger that this could get boring in a hurry, so here’s what I’m thinking. Over the next few days, I’ll give you my quick take on what I like and don’t like about the three possible starting points I mentioned. I’m not going to regurgitate every detail, but I’ll try to give you the gist. Then, I’m going to make up a f...
I share daily thoughts about cybersecurity and emerging technology. [Subscribe](https://daily.axalane.com) or [hire me](https://axalane.com)

So, it looks like we're going to get to watch a supply chain security incident unfold in real time. As noted briefly in yesterday's email, it wasn't a great day for Okta.
But rather than piling on with criticism of Okta's response, take a master class in supply chain security crisis response from Cloudflare. A major security vendor in their own right, Cloudflare was one of the Okta customers whose information was visible in the screenshots shared by the Lapsus$ hacking group.
Even as their own incident response was unfolding, Cloudflare CEO Matthew Prince was out with an initial Tweet acknowledging the issue at 1:38 a.m. Eastern time. By early yesterday afternoon, there was a blog post up with a down-to-the-minute account of Cloudflare's response activities, initial findings, and next steps.
During a crisis, there's a natural tendency to wait until you have all of the answers to communicate. But putting your competence on display early – even if you're working with imperfect information – is the best way to build trust.
-Doug