My top 7 security posts from the past year
At Lightspin we brought you the Top 7 Cloud Attack Paths of 2022, and in honor of that, I’ve compiled 7 posts from the (mostly 2022) infosec social media archives, some you have seen, others you probably haven’t.
Here’s to doing security even better in 2023, and having fun while doing it. 👩🏻💻
- If you’re a CISO or Security Leader, do you struggle with communicating to execs and BOD members the value of your work? See Jon Hencinski’s amazing thread on how he talks about SOC performance relative to business goals
Once a month we get in front of our exec/senior leadership team and talk about #SOC performance relative to our business goals (grow ARR, retain customers, improve gross margin).
— Jon Hencinski (@jhencinski) February 22, 2022
A 🧵on how we translate business objectives to SOC metrics. pic.twitter.com/5VtaTCGomI
2. Ryan give us the Azure threat research matrix aka the blue cloud of death (shoutout to Bryce Kunz)
3. Its shared fate, not shared responsibility. Taylor Lehmann, who gets to work with the brilliant Phil Venables, shared this post on LinkedIn about GCP’s introduction of what they mean by “shared fate”.
4. Common IaC problems and how to fix them? Yes, please Luca.
Here are some common Infrastructure as Code (IaC) challenges and how to tackle them 🧵 (1/11)#DevOps #PlatformEngineering
— Luca (@luca_cloud) November 3, 2022
5. This one’s for all you CISOs. From Lyft to Fastly, Mike gives you the CISO planning kit you need (especially for those of you starting a new role)
6. Levity amidst the chaos: thank you Elizabeth and your magical desk drawer.
Yesterday my colleague cheered me up by producing from a desk drawer a set of computer failure haikus from a newsletter circulated to staff in 2003. Fantastic. pic.twitter.com/EGoDEj3DCV
— Elizabeth Smith (@ElizabethLSmit1) October 7, 2022
7. Every cloud architecture, perfectly described by Forrest Brazeal.
good morning and welcome to 2023 pic.twitter.com/44vDM8OkXQ
— Forrest Brazeal (@forrestbrazeal) January 9, 2023