Listen "Cyber Risks Unmasked: Reporting the Threats #DTF016"
Episode Synopsis
Join hosts Damian, Troy, and Fern for Episode 16 of the DTF Cyber Podcast, featuring special guest Dina Mathers, CISO at Carvana. Recorded on August 18, 2025, this episode dives deep into three critical topics shaping the cybersecurity landscape. From measuring the impact of cyber spend to uncovering widespread weaknesses in critical infrastructure, we unpack it all with real-world insights and actionable strategies. Whether you're a seasoned pro or just starting out, this episode is packed with "nuggets of gold" to elevate your game. Don't miss the banter on DTF dinners, the debate on best-of-breed vs. platforms, and why security leaders might just be the best salespeople in the world. Subscribe for more cyber realness every Monday!

0:00:00 - Intro: Special guest Dina Mathers
0:05:51 - Metrics debate: Spend as % of revenue/IT budget vs. data-driven approaches
0:07:24 - Key KPIs: MTTD/MTTR, patching speed, phishing rates
0:09:16 - Budgeting strategies: Industry benchmarks, risk-based cases, storytelling
0:12:20 - Tool overlap woes: 30% waste per Gartner 2023; best-of-breed vs. platforms
0:14:52 - Pro tips: Carve innovation funds for startups/POCs; audit tools yearly for ROI
0:25:00 - How poor metrics blindspot funding, leaving orgs vulnerable
0:28:40 - Real-world angles: Procurement pushback, business use cases
0:32:32 - Career advice: Be proactive, relate news to your env, automate tasks
0:40:00 - Basics failures: Weak creds, poor segmentation, no logging
0:45:26 - Critical infra gaps: 16 domains, antiquated systems, public-private partnerships
0:52:07 - Fixes: Layer security, asset inventory, periodic table mapping, empower teams
0:58:25 - Tease: Non-human identities (NHI) as future ep topic
1:00:01 - Fern's thought: Security leaders as elite salespeople
1:03:42 - Nuggets: Don't store creds in browsers; strong infra passwords; storytelling sells
1:05:46 - Shoutouts to Dina, past eps references, listen twice for gold
1:06:15 - Outro

Articles:
https://www.wsj.com/articles/how-to-measure-cybersecurity-spending-wsj-readers-weigh-in-12e2b06b
https://securityboulevard.com/2025/08/cisa-coast-guard-hunt-engagement-offer-path-to-protect-critical-infrastructure/
"Periodic Table": https://www.balbix.com/blog/six-step-cyber-insurance-policy-playbook/

LinkedIn:
Dina Mathers: https://www.linkedin.com/in/dinamathers/
Damian: https://www.linkedin.com/in/damianchung/
Troy: https://www.linkedin.com/in/kosovotroy/
Fern: https://www.linkedin.com/in/fernrojasaz/

Business Inquiries: dtf at cyberpodcast dot net