Joan Goodchild

Contributor

Joan Goodchild is a veteran writer and editor with 20+ years experience. She covers business technology and information security and is the former editor in chief of CSO. She has a Master's degree from Northwestern University's Medill School of Journalism and received an Edward R. Murrow award for investigative journalism.

What’s Next in Battling Ransomware? Human-driven Threat Hunting

What’s Next in Battling Ransomware? Human-driven Threat Hunting

Most organizations can defend against malicious code, but today’s security strategy must monitor for malicious behaviors. The answer: human-driven threat hunting and managed threat response.

Episode 4: Reduce SOC burnout

Episode 4: Reduce SOC burnout

Episode 4 - Listen to the podcast to learn more about the expanding threat landscape and how security leaders can reduce SOC burnout and enable security teams to be proactive and preventive threat hunters with a modern threat...

Episode 3: The Zero Trust Model

Episode 3: The Zero Trust Model

Episode 3: In this episode, we look at the steps organizations are taking toward Zero Trust and provide recommendations for making the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless...

Episode 2: Empowering employees to be secure and productive

Episode 2: Empowering employees to be secure and productive

Episode 2: When it comes to protecting your business, security is a team sport. Criminal hackers –increasingly sophisticated and persistent – are playing offense, trying to find weak spots to breach an organization. And everyone in...

Episode 1: Balancing act

Episode 1: Balancing act

Episode 1: In this episode of the Strengthen and Streamline Your Security podcast, we look at how an identity-based security framework can help organizations let users work from anywhere while securing them seamlessly. We’ll hear...

Frequency matters: the case for scanning early and often, part 2

Security debt – which is defined as aging and accumulating flaws in software -- is a lot like credit card debt. You can throw money at the balance, but if you don’t stop spending, you’re never going to actually get out of debt. ...

Frequency matters: the case for scanning early and often, part 1

The latest Veracode State of Software Security report reveals that scanning early, often, and steadily helps you fix more flaws faster while not contributing to security debt. The report finds 56 percent of software flaws eventually...

AppSec grows up

AppSec awareness has grown in a decade. In Veracode’s State of Software Security report, Volume one, most of the conversation was around trying to explain and advocate for application security. Today, far less of that is necessary and...

Security debt across sectors: behind the numbers

According to the latest State of Security Software report from Veracode, the retail industry has the lowest average number of unaddressed security flaws. Government and education have the largest “iceberg“ of security debt lurking...

Unresolved flaws: security debt grows deeper

The average number of days to fix software flaws was at 59 days in the first Veracode State of Software report from ten years ago. Today, it’s jumped to 171 days in the latest 2019 report. While typical median fix times haven't...

What’s behind most security debt

Security debt - defined as aging and accumulating flaws in software - is emerging as a significant pain point for organizations across industries. In this first episode of our second season of a Hard Look at Software Security,...

How Can A Security Champion Help Your Development Team?

A security champion serves as the voice of the developer while satisfying the needs of the business from a security perspective. In this episode we dig deeper into details on the role of the security champion and what effect having a...

Flaw Fix Rates Are Low - How Can They Be Improved?

In this episode we discuss the latest findings on flaw fix rates in enterprises. Chris Eng, Vice President of Research, Veracode, offers perspective on what figures in the State of Software Security report reveal about the troubling...

Open Source Components Continue to Thwart Enterprises

In this episode, we’ll discuss why enterprises still struggle with the occurrence of vulnerable open source components within their software - and what they can do to mitigate these risks. Listeners will learn more about: • The...

Building a Security-first Culture Starts with Coding

In this episode, we learn about changes in application security and the partnership between development and security. Chris Wysopal, Chief Technology Officer and Co-Founder of Veracode, joins us to discuss the synergy between these...

The clean desk test

The clean desk test

Ten ways a messy desk puts confidential information at risk.

Rising Breach Rate Drives Businesses Toward Zero Trust Security Model

Rising Breach Rate Drives Businesses Toward Zero Trust Security Model

Increased security budgets and new technologies have not stopped breach numbers from climbing higher. The Zero Trust models offers a new way of approaching security and identity management.

IoT, Cloud, or Mobile: All Ripe for Exploit and Need Security’s Attention

IoT, Cloud, or Mobile: All Ripe for Exploit and Need Security’s Attention

Research on tech spending plans for the year ahead show cloud, mobile and Internet of Things security are all priorities. As these investments grow, so do concerns about cybersecurity. According to IDC, the potential cybersecurity...

Why CSOs and CISOs need to care about machine learning

Why CSOs and CISOs need to care about machine learning

Michael A. Davis of CounterTack explains the security challenges around machine learning, and how some of the issues can be solved for free (yes, free!)

CSO50 winners remain a step ahead

CSO50 winners remain a step ahead

Check out the 50 winners to be lauded at CSO's annual award ceremony. This year’s winners are designing security to stay in front of modern threats.

Load More