In this episode of the Future of Security Operations podcast, Thomas interviews Andreas Schneider - the Field CISO EMEA at Lacework. Leveraging its data-driven platform and cloud-native application protection solution, Lacework helps organizations make sense of immense amounts of security data with minimal effort.
With over two decades of experience in cybersecurity, Andreas started off as a defender working on mainframes for a financial services company before building up his first security team within the Swiss broadcasting industry.
Topics include:
After discovering computer games like Risk, how Andreas found himself accidentally working in security.
Building up the security team for a Swiss broadcasting company and managing large-scale environments sensitive to interruption.
Why Andreas moved to Lacework after first experiencing the platform as a customer, feels comfortable dealing with large-scale attacks, and enjoys what he does.
The shift to DevOps and why security needs to evolve continuously and become more decentralized.
The changing role of the lonely CISO, the importance of culture and accountability, and how Andreas approaches his work to identify gaps.
Why Andreas believes it's essential to talk about security failures, and why he prioritizes listening to developers.
How Andreas carefully chooses vendors and security tools to help his team avoid alert fatigue and friction that slows their processes down.
Why Andreas believes machine learning and automation will be key in the future of security operations, and human behavior will remain the most formidable risk.
Resources:
LinkedIn: https://www.linkedin.com/in/ciso-andreas-schneider