Academia & business - a multiway approach to cybersecurity

– January 2024
To finish this week, we present an interview with Mandy Andress, author of "Surviving Security" and CISO at Elastic, gold sponsor of OCSC24.

OCSC: Dear Mandy, thank you for joining our OCSC24 speaker line-up and this interview. Your journey from a CISO to an author and educator is quite unique. What inspired you to transition into academia and write the book "Surviving Security," and how has this experience influenced your approach to cybersecurity leadership at Elastic?

Mandy Andress, Elastic: I come from a family of teachers, so I’m sure that played a strong role in the value I see in education. I have never focused full time on academia, but I enjoy taking the opportunity to support and guide the next generation of cybersecurity leaders. I also find that mentorship helps me more deeply understand the topic I am teaching because you really need to thoroughly know a subject before you can explain it to someone else.

Prior to writing “Surviving Security,” I noticed that there were primarily technically focused books on the market: How to secure your network, How to develop secure code, How to hack, etc. What I did not find was a book that helped practitioners marry all these components into a successful security program. Writing “Surviving Security” was my approach to helping bring that information to security practitioners.

OCSC: As the CISO at Elastic, what are some of the most critical cybersecurity challenges you've encountered, and how is Elastic addressing these challenges through its products and services?

Mandy Andress: As a global company with significant volumes of data, operating efficiently at scale and understanding what is happening in the environment globally while meeting local data protection regulations and sovereignty requirements has been a key issue. Focusing on the ability to find and explore relevant, quality data quickly and at scale is crucial to solving this challenge, especially across very large, decentralized data sets. Elastic provides real-time search analytics that support massive scale and provides an architecture that allows global analytics while maintaining in-country residence of data.

Additionally, Elastic’s open approach to security provides practitioners with a better understanding of how threat detection works and how security technology operates within an environment, allowing them to focus on identifying gaps and addressing vulnerabilities in their own technology stacks.

OCSC: Your book "Surviving Security" serves as a foundational text in information security courses. Can you share one key principle or concept from the book that you believe is especially relevant for organizations and security professionals today?

Mandy Andress: You need to have a holistic understanding of your company, its industry, business objectives, people, culture, communication style, technology stack, and risk appetite to build a successful security program.

OCSC: With Elastic offering solutions for search, logging, security, and analytics, what innovative approaches or features can attendees of the upcoming OCSC conference expect to hear about, and how do these offerings address the evolving needs of the cybersecurity industry?

Mandy Andress: Elastic has always been known as the leader in search. Today, we’re enabling businesses to harness search-powered AI to unlock massive amounts of data in real time. This is especially important as data becomes increasingly decentralized across SaaS services, on-premise, hybrid and multi-cloud environments. Elastic, for example, is a cloud native, globally distributed organization—and this introduces some unique response challenges.

In our session* we’ll cover how we approach incident response in a distributed manner, as well as how we use Elastic’s products to unlock insights from massive amounts of data instantly. The Elastic AI Assistant, for example, leverages the power of generative AI to democratize cybersecurity and enable users to interact with Elastic Security for tasks such as alert investigation and incident response. We’ll also dive further into some of our key capabilities like machine learning and real-time search analytics, which allow companies to operate more effectively by applying search and AI to the entire data estate for discovery, prediction, and prescriptive guidance. 

OCSC: Thank you, Mandy, and see you soon in Tenerife for OCSC24!

Mandy Andress: Thanks, see you there!

*