In this October 13, 2014 podcast with Down the Security Rabbithole, Tenable CEO Ron Gula is interviewed by cohosts Rafal Los, James Jardine and Michael Santarcangelo on the subject of Threat and Vulnerability Management. Ron answers the question, “What is a security policy?” He discusses the hurdles to implementing a threat and vulnerability management, the importance of continuous network monitoring, and how to get out of the 1999 security mindset to a more mature security plan.
“Security is not a function of what you buy. … Security comes from a sound security policy. … Whatever security technology you have, whether it’s authentication, anomaly detection, mobile security MDMs, whatever you bought, every one of these things has some sort of an Achilles heel that allows somebody to get by. So only with a security policy that aligns all those things together, where you can accept the correct level of risk for your organization, is there any chance of having any type of security.”