Information security is a difficult job. On today’s Day Two Cloud we talk about how to build a successful security practice within your organization. Our guest is Swathi Joshi, VP, SaaS Cloud Security at Oracle. She breaks down security teams into three core groups: proactive security (making products secure from the get-go ), defensive security (detecting and responding to vulnerabilities and threats), and assurance (risk reduction, enabling secure access, meeting compliance requirements).
She also shares her insights around Security Operations Centers (SoCs), security automation, threat and vulnerability management, and successful blue team practices.
We discuss:
- Integrating proactive, defensive, and assurance approaches to security
- How to build a successful blue team
- Having a breach and disclosure playbook
- Prioritizing threats beyond CVEs
- Ensuring security isn’t the “Department of No”
- Becoming a security professional
- More
Sponsor: Drata
Automate your security framework compliance with Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, GDPR, HIPAA, CCPA, FIEC, NIST Standards, CMMC and other compliance frameworks and provides 24-hour continuous control monitoring so you focus on scaling securely. Drata integrates with your tech stack through applications such as AWS, Azure, Github, Okta and Cloudflare. Say goodbye to manual evidence collection and hello to automated compliance by visiting drata.com/partner/daytwocloud.
Show Links:
@swathijoshi – Swathi Joshi on X
Podcast: Play in new window | Download
