#226 - Vulnerability Management (with Chris Hughes)

In this episode of CISO Tradecraft, we host Chris Hughes, CEO of Aquia, cybersecurity consultant, and author. Chris shares insights on the evolving landscape of cybersecurity, discussing software supply chain threats, vulnerability management, relationships between security and development, and the future impacts of AI. Tune in to gain expert advice on becoming an effective cybersecurity leader.

Chris Hughes - https://www.linkedin.com/in/resilientcyber/

Transcripts: https://docs.google.com/document/d/1j5ernS0Gk3LH-qcjhi6gOfojBqQljGhi

Chapters 

• 00:00 Introduction and Special Guest Announcement
• 00:55 Chris Hughes' Background and Career Journey
• 02:46 Government and Industry Engagement
• 03:42 Supply Chain Security Challenges
• 07:34 Vulnerability Management Insights
• 12:13 Navigating the Overwhelming Vulnerability Landscape
• 22:19 Building Positive Relationships in Cybersecurity
• 23:41 Empowering Risk-Informed Decisions
• 24:29 Aligning with Organizational Risk Appetite
• 25:33 Navigating Job Changes and Organizational Fit
• 26:32 The Role of Compliance in Security
• 33:27 The Impact of AI on Security
• 43:05 Balancing Build vs. Buy Decisions
• 45:05 Conclusion and Final Thoughts