Tuesday Feb 28, 2023
Lacework’s Andreas Schneider: How to adapt as a CISO and the value of security failures
In this episode of the Future of Security Operations podcast, Thomas interviews Andreas Schneider - the Field CISO EMEA at Lacework. Leveraging its data-driven platform and cloud-native application protection solution, Lacework helps organizations make sense of immense amounts of security data with minimal effort.
With over two decades of experience in cybersecurity, Andreas started off as a defender working on mainframes for a financial services company before building up his first security team within the Swiss broadcasting industry.
Topics include:
-
After discovering computer games like Risk, how Andreas found himself accidentally working in security.
-
Building up the security team for a Swiss broadcasting company and managing large-scale environments sensitive to interruption.
-
Why Andreas moved to Lacework after first experiencing the platform as a customer.
-
Why Andreas feels comfortable dealing with large-scale attacks and enjoys what he does.
-
The shift to DevOps and why security needs to evolve continuously and become more decentralized.
-
The changing role of the lonely CISOs, the importance of culture and accountability, and how Andreas approaches his work to identify gaps.
-
Two of Andreas' biggest failures and why he believes it's essential to talk about failure in security.
-
Andreas' passion for the security community, how he sources new talent, and why he prioritizes listening to developers to enhance collaboration efforts.
-
How Andreas carefully chooses vendors and security tools to help his team avoid alert fatigue and friction that slows their processes down.
-
Why Andreas believes machine learning and automation will be a big focus in the future of security operations, and human behavior will remain the most formidable risk.
Resources:
LinkedIn: https://www.linkedin.com/in/ciso-andreas-schneider