Down the Security Rabbithole Podcast

Follow the Wh1t3 Rabbit ... attention technology and business leaders! The "Down the Security Rabbithole" podcast is not your ordinary security podcast, primarily because we take a business perspective on the colorful and fast-paced world of information security. Bringing useful commentary on relevant events in the information security community, filtered through a no-nonsense business first approach, this is a podcast that helps you get the sane perspective on hacks, risks, threats and technology that you need to help make decisions in your daily life and in your organization.


Down the Rabbithole - Episode 09 - Jeff Reich Explains "Table Stakes" and Other InfoSec Genius


This episode with Jeff was awesome, recorded at the OWASP LASCON security conference, I got a chance to sit down with Jeff in person and talk shop.  I always learn something, but in this podcast Jeff dispensed his usual wisdom in buckets, I could barely write this stuff down fast enough.  We covered the raising of the "information security table stakes", and what the last 15 years have meant to the information security profession in terms of evolution.  We went into a discussion on how information security can avoid being a cost center and feeling the traditional expansion and contraction with workload and economic times, and I learned what the phrase "it was a business decision" really means.  In case you need one more compelling reason, Jeff brought up yet another gem when he discussed how the business pushes the boulder off the cliff, then expects information security to change its trajectory mid-fall ... you're not going to want to miss this.  I had a wonderful time catching up with Mr. Reich, and you'll enjoy this podcast, that's a promise.


  • Jeff Reich - (hint: it's prounounced "rich") - A solid history of developing and providing expertise and leadership on information security and all associated disciplines by integrating Managed Risk into the business in the energy, manufacturing, technology and financial services industries. Successfully created and implemented comprehensive Security and Risk Management Infrastructure for a large oil and gas company as well as four of the largest Internet and e commerce providers in their respective industries. Holds a national reputation of excellence through results, publications and presentations of value. Known for ability to hire, train and inspire high performance teams that support and help drive the core business structures. [LinkedIn:]

    In addition to that, I've known Jeff for a very, very long time throughout his illustrious career, and have always been amazed by his ability to dispense one-liner wisdom, like this one on a recent blog post on "The compliance hamster wheel": "I have been saying for years that simply chasing compliance is like chasing your tail.  You probably won't catch it and if you do, it will hurt."


 2012-01-16  40m