Frameworks Over Time w/ Derly Gutierrez, Mustapha Kebbeh and Patrick Benoit

In this, the very first LIVE episode, Allan Alford interviews guests Derly Gutierrez, Head of Information Security at 1010Data, Patrick Benoit, BISO at CBRE, and Mustapha Kebbeh, CISO at Brinks, as they discuss the use of security frameworks in general and over time.

Regarding framework compliance, do we choose one or do we choose many? Do we embrace them fully or partially? What changes our approach to frameworks over time?

Security strategies are explained throughout the episode, along with the notions of business adaptation and adoption, regulation and other requirements, and "minimum viable security" approaches that don't require frameworks at all.

Key Takeaways:

0:43 – Intro
1:53 – Question to Mustapha: pick and choose from a framework or embrace a framework all in one go?
2:47 – Patrick discusses his own approach to Mustapha’s statement
3:26 – The evolution of CFS adoption briefly discussed and the importance of protection
6:59 – Discussion of a possible "least viable security" approach that doesn’t depend on the frameworks at all
9:50 – Maturity models
13:32 – Security strategies
19:56 – The guests answer: What were the toughest challenges working with a framework?
21:56 – The guests share their best success story with frameworks
23:51 – The guests share their journey on business integration
27:56 – The influence of regulation and other requirements

Links:

Learn more about Derly on LinkedIn and Twitter
Learn more about Mustapha on LinkedIn
Learn more about Patrick on LinkedIn
Follow Allan Alford on LinkedIn and Twitter
Learn more about Hacker Valley Studio and The Cyber Ranch Podcast
Sponsored by our good friends at Uptycs