SECURITY
SECURITY
SECURITY
Liberty Mutual highlights the ‘us’ in cybersecurity
There’s no “I” in security. OK, there is. But it’s the “US” now getting savvy companies through these tough cybersecurity times. Spreading security responsibilities across a company’s departments and beyond to third parties can perk up their defense posture.
“There’s very little of what we do in security that’s just done by security practitioners,” said Katie Jenkins (pictured), chief information security officer of Liberty Mutual Insurance Co. The threat landscape is growing in multicloud and attackers are getting more sophisticated. Meeting new challenges takes asset managers, compliance people, a privacy team, auditors, and procurement specialists, according to Jenkins.
Scaring everyone in the business with horror stories of breaches won’t necessarily get them excited to participate. To get all hands on deck requires a can-do ethos and practical re-skilling. Liberty is bringing its entire workforce and others outside the business on board. “We’re educating them on how to prevent phishing attacks. We’re doing all sorts of culture-based initiatives, recognizing that if it’s just the security folks doing security, we’re going to have a big gap,” Jenkins said.
Jenkins spoke with John Furrier (@furrier) and Dave Vellante (@dvellante), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the AWS re:Inforce event in Boston. They discussed Liberty’s holistic security posture and how cloud, in particular, has enabled enabled it (see the full interview with transcript here).
Third party threats and rewards
Vendors are part of the picture too. Liberty is examining third-party risk management — not just in terms of cybersecurity, but privacy and continuity. For instance, it’s looking at vendors’ services for overlap and trying to trim out anything redundant.
It is also leveraging vendors’ expertise in how to transform security in the company. It runs 20% of its workload in public clouds, including Amazon Web Services Inc., according to Jenkins. The developer operations team manages its cloud resources and services. They work tightly with Jenkins’ team to help them understand how things like access management and identity can affect security.
Cloud automation has taken some previously manual security tasks off people’s plates. This is a big boon, since it frees security pros and others at Liberty to set their brains on other tasks.
“There’s always a something else in security,” Jenkins concluded.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the AWS re:Inforce event.
Photo: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
