To kick off season 5 of the Future of Security Operations podcast, Thomas is joined by Mandy Andress. Mandy is the Chief Information Security Officer at Elastic, a leading platform for search-powered solutions, and has more than 25 years of experience in information risk management and security. Before Elastic, Mandy led the information security function at MassMutual and established and built information security programs at TiVo, Evant, and Privada. She also founded an information security consulting company with clients ranging from startups to Fortune 100 companies.
In this episode, Mandy and Thomas discuss:
- Her move from accounting to security
- Why she was drawn to Elastic's employee-centric culture
- How her role at TiVo in the early '00s shaped her view of privacy
- Switching from a technology-first to people-first approach to security
- Recognizing the human factor in incident response
- Embracing asynchronous operations on dispersed teams
- The importance of bringing your authentic self to work
- Staying technical as you move into leadership
- How she puts her law degree to use as a CISO
- Balancing compliance and overall security posture
- Collaboration and knowledge sharing within the CISO community
- Elastic's approach of knowledge sharing by default
- How prioritizing analyst time will be critical in the future of SecOps
- Adopting an infrastructure-as-code approach
- Balancing between proactive security measures and reactive responses
- Building a culture of security across the organization
- Tips for surviving in security operations in tech
The Future of Security Operations is brought to you by Tines, the platform that powers some of the world’s most important security workflows. https://www.tines.com/solutions/security