7MS #378: Interview with Zane West of Proficio

In today's episode, I sit down with Zane West of Proficio. Zane has been in information security for more than 20 years - starting out in the "early days" as a sysadmin and then moved up into global infrastructure architect function in the banking world. Today Zane manages Proficio's solution and product development. I sat down with Zane over Skype to talk about how companies can better analyze and defend their networks against attacks. Specifically, we talk about:

• How important is it to have an IT background before you jump into security?
• How can newb(ish) security analysts and pentesters better understand the political/financial struggles a business has, rather than charge in and scream "PWN ALL THE THINGS!"
• Is there a "right way" to step into an organization, get a lay of the land and discover/prioritize their security risks?
• Why in the world does it take twenty seven people to run a SOC?!
• When should an organization consider engaging an MSSP to help them with their security needs?
• What if your MSP also provides MSSP services? Is that a good or bad thing?
• What are some tips for successfully deploying a SIEM?
• What is the cyber kill chain about, and is it only something for the Fortune X companies, or can smaller orgs tip their toe in it as well? (Here's a nice graph to help you understand it)