In this episode, Allan interviews Greg Rogers, CISO at Legal & General America, about migrating legacy, monolithic, internally facing, manually tested, waterfall applications to Cloud, CI/CD with automation, customer-facing applications, all with modern development languages and environments.
Greg migrated just about everything legacy to just about everything modern across a series of monolithic applications. In this episode he gives tips on the technical aspects of his journey, tools and techniqes for overcoming cultural barriers as well.
Greg outlines what he did in-house, and what he leveraged from out-of-house - from code to services.
Ultimately, Greg was able to pull of this transition piece by piece, and he shares how he was able to do it.
Lastly, Greg closes with what keeps him going in cybersecurity...
1:19 How Greg got into cyber
4:12 An overview of the challenge
6:39 Greg's biggest security challenges with the project, both cultural and techincal
8:06 The value of engagement and relationship building
8:41 Targeted security awareness training
9:10 Make security fit with what they are already doing for their day jobs
9:25 Regulation as a driver for change
11:32 The challenges posed by regulation
12:06 The challenges of remote access
13:50 How to eat the elephant one bite at a time
14:11 VDI to migrate portions to the cloud
15:29 Identity & Access Management, CASB, SASE, etc.
16:53 Leveraging outside help
18:13 Selecting and settling on a good MSSP
20:21 In-house development vs. off-the-shelf and leveraging external developers
22:43 What the CISO provides in this scenario
24:02 Focusing on the 'gray' areas of security over the black and white
25:25 Improving the security culture and CISO relationships
26:49 What keeps Greg going in cybersecurity
Learn more about Greg on LinkedIn
Follow Allan Alford on LinkedIn and Twitter
Learn more about Hacker Valley Studio and The Cyber Ranch Podcast
Sponsored by our good friends at Uptycs