Bill Murphy's Redzone Podcast | World Class It Security

My guest today is Adam Shostack. Adam is a consultant, entrepreneur, technologist, game designer, and author of the book Threat Modelling: Designing for Security. I invited Adam to talk security and discuss a concept he designed that is called threat modelling. I love thee simplicity of the concept and appreciate the fact that Adam understands the complexity of security and was able to distill it into an actionable security program. Our conversation is versatile, covering technical areas and goes up to the board level. If you have an interest in making security simple, and if your instinct tells you that defense is the new offence, you will enjoy listening to this podcast episode. Major Take-Aways From This Episode: What is Threat Modelling and why CIOs need to do it? The definition of STRIDE Concept. What are the common traps associated with STRIDE? How does Threat Modelling differ from the similar government-style programs? What questions you need to ask when you threat model? Why is it important for CIOs