Friday Feb 24, 2023
Jim Scott: How to make security and vulnerability management a priority
In this episode we speak with Jim Scott, Manager of Information Security at Insurance Auto Auction (IAA). Jim has more than 15 years of diverse experience leading security projects and corporate information initiatives. We get into his early days of working in cybersecurity, how it has evolved into a passion, and how we can succeed if we see security as more than just a technology problem.
Other topics discussed:
- The pushback and challenges of making security a priority
- The long-term value a company can realize by prioritizing security
- How application security and vulnerability management is constantly changing
- Relationships between the business and security, and how to bridge the differences
- Overcoming the perception that security is not a “revenue generator,”
- How to speak to clients in relatable and non-technical terms
- Respecting failure and using it as a tool for learning
- Whether we have enough people working in vulnerability management
- How to measure the ROI of vulnerability management (and whether it is even measurable)