Ross Young joins us on Security Confidential to talk about cybersecurity. Ross is the CISO of Caterpillar Financial Services Corporation, a lecturer at Johns Hopkins University, the Co-Host of the CISO Tradecraft podcast, and the inventor of the OWASP Threat and Safeguard Matrix. Ross is also a veteran of the CIA and NSA.

00:00 Introduction

00:55 How Ross became CISO of Caterpillar Financial Service

03:04 Scholarship for Service

04:10 Foreign cyber-espionage capabilities

07:01 The elusive identity online

07:50 Compliance frameworks = great cybersecurity?

12:47 Can cybersecurity be used for revenue generation?

20:30 Learning from vendors selling in cybersecurity place

22:55 Vulnerability management in the cloud

27:02 How do you develop a resilient software system

31:50 OWASP Threat and Safeguard Matrix

37:58 Accounting for The X-Factor and Zero-Day threat in cybersecurity

41:45 CISO Tradecraft To learn more about Ross

To learn more about Dark Rhino Security Please visit


Share This Story, Choose Your Platform!