CSCP S4EP18 - Marius Poskus - Who mention about non technical CISO - ASPM and Running application security programs from CISO perspective

Join us as we explore the evolving application security landscape with Marius Poskus, VP of Glow Financial Services and a seasoned cybersecurity professional. In this episode, we delve into the increasing adoption of open-source code and AI in startup development, examining the potential impacts on code security amid rapid innovation pressures. Marius shares his insights on the cultural shifts required for effective DevSecOps practices, the prolonged timelines for meaningful change, and the disruptions caused by changing CISOs. We also touch on the challenges of maintaining consistent application security programs in a dynamic leadership environment, the proliferation of tools, and the importance of measuring their effectiveness. Listen in as we unravel the complexities of managing application security within development environments. Sponsored by Phoenix Security: This episode is brought to you by Phoenix Security, leaders in vulnerability management from code to cloud. Take control of your security with Phoenix and see firsthand how to prioritize and act on critical vulnerabilities with a free 14-day license available at Phoenix Security - Request a Demo. We highlight the significance of providing contextual insight and effective communication to address security issues meaningfully. By prioritizing critical issues that offer the most significant risk reduction, we advocate for a strategic approach to security management. Marius also emphasizes understanding the root causes of vulnerabilities to enhance overall practices and mitigate future risks. Finally, we discuss translating risk into business language, emphasizing temporality and criticality to align security efforts with business priorities.