Get IT Started Podcast

GISGID EP 32 – Tyler Farrar, CISO at Exabeam

Hello and welcome to Get It Started Get It Done, the Banyan Security podcast covering the security industry and beyond. In this episode, our host and Banyan’s Chief Security Officer Den Jones speaks with Tyler Farrar. Tyler is CISO at Exabeam and is a veteran security leader with a background in defense department cyber operations and the US Navy. We hope you enjoy Den’s discussion with Tyler Farrar.

View Transcript

Speaker 1:
Hello and welcome to Get It Started, Get It Done, the Banyan Security Podcast, covering the security industry and beyond. In this episode, our host and Banyan’s Chief Security Officer, Den Jones, speaks with Tyler Farrar. Tyler is CISO at Exabeam and is a veteran security leader with a background in defense department cyber operations, and the US navy. We hope you enjoy Den’s discussion with Tyler Farrar.

Den Jones:
Hi everybody. Welcome to another episode of Get It Started, Get It Done. I am your host with the wit and the wisdom, Den Jones. Every episode we try and find interesting and cool guests to bring on. Hopefully you’ll learn something, we’ll hopefully bring a little bit of wit. Maybe that’s a Scottish word, I don’t know, but humor and some wisdom, which I guess entails that we might be somewhat intelligent. So I’m hopeful that we’ll get a bit of that, a bit of both.

So let me introduce today’s guest, Tyler Farrar, if I don’t butcher your name, the CISO of Exabeam, a company who I’ve had some great, great fun with deploying when I was at Cisco as part of our zero trust endeavor. Yeah, so I’ve been a big fan of Exabeam for a number of years. Tyler, welcome to the show and why don’t you introduce yourself.

Tyler Farrar:
Oh, thanks for having me, Den. Tyler Farrar. As Den mentioned, I’m the Chief Information Security Officer at Exabeam, responsible for product security, enterprise security. Prior to Exabeam, I worked at a clear defense contractor called Maxar Technologies, does really cool space stuff with satellite imagery and satellite manufacturing. I’ve consulted with KPMG and done things like security operations, threat intelligence, vulnerability management. Prior to consulting with KPMG, I was in the Navy for 11 years, stationed at Fort Mead Maryland as a cryptologic warfare officer.

Den Jones:
Awesome, Tyler, welcome to the show. There’s so many things to peel apart there. Let’s start with a little bit of Exabeam. Do you want to explain for those that don’t know, who is Exabeam, what does Exabeam do, what brilliance do you bring to the market? If we were going to look to buy your stuff, what would be the reason we’d deploy it?

Tyler Farrar:
Yeah, no, absolutely. So Exabeam is a security operations platform and it helps organizations to detect threats and defend against cyber attacks. It’s all done through behavioral analytics and alert triage capabilities. What Exabeam really identified through all of these breaches that we see out there, is that they’re rooted in really one thing and that’s the misuse of credentials. So if you look at things like phishing and ransomware and malware, it all ties to compromised credentials. Whether or not that’s because the adversary has been able to use those valid credentials of a legitimate user or they’ve gone inside your organization somehow, the objective is really to use those credentials to access your systems and your data. So that’s really what the product was built upon and really from the ground up over the last couple of years to be cloud native. It allows our customers to scale and really manage those credential based attacks so that we can know what normal behavior really is in your environment.

Den Jones:
Awesome. Yeah, and it’s interesting. So I was running enterprise security at Adobe for a number of years and we built a team called Security Intelligence. My team was the proactive side and we ran services for the whole company. At that point we used open source stuff, we spent months building and building and we got to this anomalous detection and it worked really well.

When I got to Cisco, Cisco is an investor in Exabeam, and for us, when I built the same security intelligence team, there was a couple of other competitors in the market, but as an investor into Exabeam, we looked at Exabeam with some serious eyes because there’s a, does it meet what we need? Then there’s this political pressure from above. I’m not one for political suicide. So we looked at Exabeam and actually we deployed it in a small number of weeks.

This is the thing, the thing to get to that, I want to do anomalous detection, alert response, the ability to catch bad things before they really impact your environment. That was huge for us. I know within the first few weeks of us deploying Exabeam and started to get that data coming in, we were finding stuff. It’s brilliant if you can get to a position where you can do proactive security, rather than reactive. I think a lot of people, they’ll look at a SEM and they’ll use it as a reactive tool, as opposed to what you guys are promoting, which is, hey, this is a proactive tool, you can use this before the shit really hits the fan. For me, that’s what I’d rather spend my money. I mean, [inaudible 00:05:13].

Tyler Farrar:
Exactly, yeah, exactly. Understanding those security objectives and being able to provide legitimate outcomes for the log sources that you have to detect against things like the MITRE ATT&CK framework. Now, your outcomes based security operations.

Den Jones:
Yeah, exactly. I used to, in both companies, so enterprise security was a proactive, we’ve delivered a lot of services. My peers, I had a peer, both which was the SOC, the incident responders, and it used to always be this tug of war really on the budget. Depending on how well you can sit there and say, I can prevent things from happening. Then there’s the other guy saying, yeah, but I need to respond to things happening, if I don’t have a big enough team or enough money, I can’t find stuff. So I think for me, there’s always that tug of war on the security game of, are you proactive or are you reactive? Then where do you spend your money? One thing, Cryptologic Warfare Officer, I’d love if you could share a little bit, what is that role?

Tyler Farrar:
I would try to summarize it maybe in two high-level buckets. I think the first one is if folks listening are familiar at all with the concept of signals intelligence and signals intelligence goes back decades. Maybe the best example would be of monitoring and understanding signals during things like the Cold War. Communications, whether or not they be voice communications, electronic communications. That’s traditional signals intelligence, but as technology has evolved over time and this use of the word cyber or cyber operations or anything, any word with cyber before or after it, has come into play. So that’s the other big aspect of the Cryptologic Warfare community. It really and more broadly is cyber within the military, and that’s a big component. So things for protecting military organizations, ways to protect the critical infrastructure within the United States, and then ways to also be a little bit more, if you want to call it proactive, or offensive in nature. Being able to respond when an attack happens on US soil. Also being able to provide the same military offensive capability in the cyberspace for forward deployed military commands that you would if it was like a kinetic warfare. So same kind of ways of if you’re dropping the bomb, if you will, dropping that non-kinetic bomb. So that’s really the big pieces, signals intelligence and cyber operations within the Cryptologic Warfare community.

Den Jones:
So in your journey to get to CISO, I’d love to hear a little bit about this, the origin story. So you joined the Navy, I’m not sure, but I’m guessing you didn’t join as a crypto guy, right? So when you joined the Navy, how did you get into the crypto business and then what was your journey to CISO like?

Tyler Farrar:
Yeah, a quick backstory. So I did enlist in the Navy out of high school. What was, quickly interesting, a quick backstory is, I actually was interested in enlisting in the Army first. I did go to the army recruiter and they told me that the quota had been met for the month and come back next month. Well, later that week or maybe even the next day, I’m sitting in school and the guidance counselor calls me down and there’s a Navy recruiter there, and I talked to him and the rest is history. But it’s very interesting how things like that play out in your life and it would’ve been a very different career path had I enlisted in the Army instead.

So yeah, anyways, enlisted in the Navy, I served on an aircraft carrier, I did that for about two years. During that time I did apply for enrollment at the United States Naval Academy. I was accepted, I majored in aerospace engineering there. So that was my first real dive into technical systems, building those systems, critical vulnerabilities. It really more was not just an academic thing, but you have a lot of aspects of protecting complex systems within the US military, the US government, that have parallels with the cyber security world. After I graduated, I was stationed at Fort Mead, Maryland, as I mentioned earlier, became a part of that cryptologic warfare community and served within US cyber command. So a lot of my work I mentioned there was a few aspects of cyber security or cyber operations, most of my work was involved in the space of protecting US critical infrastructure, but having the ability to respond more offensively if necessary and building out those types of capabilities in order to do so.

I completed my service obligation and that’s when I transitioned out from the Navy and I did go to KPMG, I consulted there. Again, translating well, a very large organization, strong internal process, is pretty comforting for a military member. Yeah, I mean, like I said, I did things like security operations and pushing clients to, what does security operations look like in the 21st century? What does threat intelligence look like? What does vulnerability management look like? That was a lot of fun. Got to work in a handful of different industries.

Then this amazing opportunity came up where Maxar was hiring and this is an aerospace defense company and I’m going to be able to do cyber security there. So now I’m both bridging this cyber security experience that I received in the military, with this aerospace engineering knowledge that I learned when I was in college, and putting it all together in this high octane environment where the stakes are super high, the threat landscape is extremely sophisticated. You’re talking about the big nation state actors now, and yeah, it was a lot of fun. I got really the best of both worlds while I was there.

While I was there, I did become a customer of Exabeam. So I got to see it and experience it firsthand and I loved it. I loved what they were doing. It was, we needed a capability like that for again, the mission that Maxar played in, the sophistication of the actors that we were dealing with. I guess I loved it so much that when I saw the chief information security officer role open up, I went for it. I really wanted that opportunity and so I went for it.

Den Jones:
Awesome, and I mean it’s great because the path to CISO, the only other person I know who is, I think Navy was Chase Cunningham and Dr. Zero Trust, and he gives you the whole origin story where he’s messing around with a laptop and some blah, blah, blah, blah, blah, something he’s not meant to do and could go to jail for and shit. At least your one doesn’t have one of those like, oh shit, moments. When you think of Maxar, I don’t know much about Maxar, how big is Maxar? How many users and what kind of revenue do they have?

Tyler Farrar:
When I was there, it was roughly, I’d say 6,000, 7,000 employees.

Den Jones:
Yeah, so you go from being like the CISO at Maxar with a big, big user base, like me, enterprise security, Adobe, then Cisco. Then all of a sudden I go into this small little rinky-dinky startup. So Exabeam, I know they’re not rinky-dinky any longer. When you joined, they probably weren’t rinky-dinky then either actually, but what was it like going from Maxar where probably money and budget is amazing, to then a startup where in this economy right now, I mean I know this from being at Banyan, money’s not falling off the trees. We are really, you’re in that fight for money really. What was that transition like for you and how did you handle that?

Tyler Farrar:
Well, I’d say thankfully it’s we’re a security company. So security is at the forefront of what we do and what we talk about and what goes into the products that we provide to our customers. So that was a pro, it wasn’t just any kind of startup or any kind of smaller company, thankfully. It is a security company and Exabeam takes security very seriously.

I think when you go down to just a smaller organization in general, I think the big thing that stood out as maybe different is, and it’s a strong word to say lack of, it’s just your processes haven’t been well-defined yet, your business processes haven’t been well-defined yet. You haven’t had opportunities or time to really define all those processes. Some are just brand new, they’re new as you grow and mature and start to think about what happens next in the company’s journey. So I think that was a little, the biggest difference. It certainly was, where coming from a large organization, well-established processes in a very highly regulated industry, mind you, with customers across the board within the US government. There’s something a little bit more where these processes haven’t been defined, but they haven’t been defined yet. So it’s our opportunity to do so.

I think otherwise though, it’s really apples to apples when you start talking about what types of projects and initiatives that need to happen and be executed upon in order to just continue to improve the cybersecurity program because you’re always going to have issues with prevention, hygiene, and issues with detection, making sure that you have those right tools and the people, et cetera, in place. So that to me wasn’t a change. In fact, in some areas it was easier to execute because you’re in a smaller organization.

Den Jones:
Yeah, I found something similar. I mean, I still think any company, CEOs are always like, it won’t happen to us, it won’t happen to us. They’re always fingers crossed, kind of shit. So you’re still having to, even in a security company, you’re still having to justify the expense. You’re still having to talk about the risk of the business. I think the conversations maybe land easier because you’re in a security company, but it doesn’t mean you’re still not scrapping for why is this worthy of the money?

One thing for me is I look at it like the security companies, I always said I didn’t want my first CISO gig to be in a security company. I wanted it to be someone who gives a crap about the data, the data is not really important, but still you get to get your chops going.

But yeah, like you, I found processes are a bit more ad hoc. The ones that need to be buttoned down were fairly buttoned down when I arrived. The ones that can be a bit fluid, they were pretty fluid, and some stuff hadn’t been even figured out at all. I mean, it was just like as the thing happens and we’ll decide what we’ll do. I even remember like, hey, creating the user account. What’s the naming standard? Well, when the company’s really small, who gives a shit? It doesn’t matter. When the company grows, you start giving a shit.

Tyler Farrar:
[inaudible 00:17:50].

Den Jones:
In my last two years at Banyan, we start to give a shit. We’re like, wait a minute, we need to think about this. Yeah, so also, awesome origin story. If you would give any piece of advice for someone who wants to get into cybersecurity, what would it be?

Tyler Farrar:
Listen, listen. I think that cybersecurity is a huge word. There’s a lot to obviously learn, you don’t need to know it all. So you go about your way of identifying what’s interesting to you. There are certainly set pathways for training and the roles and how you develop yourself and start to look at career pathing to, do you want to be a technical leader? Do you want to be a CISO, et cetera?

But what I have found most important with respect to cybersecurity and how I’ve gotten here, and that’s outside of leadership, mind you, I definitely have thoughts on that too, but as far as cybersecurity, I’ve listened because I know that 99% of the time I’m not the smartest person in the room and there are smarter people in there. So it’s my opportunity to listen to what they know, what they’re thinking about, how they’re thinking about it, and listening to those recommendations. I’m the leader, so I certainly still have the ability to trump that recommendation. I can still make my own decision and that’s my responsibility to do so. Sometimes those decisions differ, they will sway from whatever’s being recommended to me, but I have found by listening to others around me, I learn a lot. That’s definitely helped me in my career.

Den Jones:
That’s awesome. I love you say how this is different from a leader. So I would love to peel this one back a little bit. There’s managers and there’s leaders, and I think people who manage other people, they have a management responsibility, but I think leaders, you could be an individual contributor and still be regarded as an awesome leader in an organization. What’s your take on that, the difference between those? What do you think of when you think a leadership?

Tyler Farrar:
So I do think that anybody can be a leader. I do think that everyone should be a leader. I think that anybody who’s in a management position, people manager, et cetera, must be a leader. That I think is probably the biggest issue that most organizations face, is that not every manager acts as a leader, or maybe I’ll say it a different way is, they’re a bad leader. Leader, it’s all about accountability, ownership, and accountability. Leaders have to accept full responsibility for their team’s performance. They have to acknowledge the mistakes, they have to learn from those mistakes, and they have to take, again, ownership of those mistakes. They cannot blame others for that. So I don’t think there’s anything, any concept of, there is no bad team, it’s a bad leader.

Den Jones:
Yeah, and-

Tyler Farrar:
That team really depends on that leadership.

Den Jones:
Yeah, one thing for me that, I mean, shit, I’ve had some great leaders, bosses of mine in the past, and then I’ve had some really shitty ones. The time when I think of a shitty leader for me or a shitty boss, it’s always just been down to trust. If I trust my boss, my direct boss, and usually their boss too, I usually need to see trust going at least two levels up. I remember saying to one of my old bosses a while ago was, I wanted to do something, I can’t remember what it was. Then I was just like, well wait a minute, there’s maybe something I don’t know in this conversation we’re having because she wasn’t forthright and normally she was. So I just turned around and said, if there’s something going on that I’m not aware of that’s above my pay grade, that is the reasoning for why you’re giving me this answer, just say yes. She’s like, yes. I’m like, cool, I’ll not harass you anymore with my desire. I can’t remember. I think it was about to increase the team size and there was literally a month before there was a pending layoff. So you’re confused, but you can’t know everything. You’ve got to realize even as a leader there’s things above you that you’re not privy to.

The other thing, love your thoughts on this. When you’re building a team and you’re trying to lead a team, I think of a couple of things. One is, I’m hiring diversity, but I’m hiring people that I think are going to make me a better leader and that I just see my role in the team as equal to everybody else’s but I play a different role. My role is to maybe make the decision. My role is maybe to help guide the team to come up with a strategy. But you’re building a team. What do you look for in the team that you’re building? I know you’ve certainly built a team at Exabeam, you’ve built teams before, so what do you look for?

Tyler Farrar:
I do look for a diversity of thought, that’s huge for me. It’s uncomfortable, it’s definitely uncomfortable to be in, but it’s a good uncomfortability, it’s a positive uncomfortability. I am challenged by my team and I empower them to challenge me. I empower them to challenge my way of thinking because I can’t have people that just nod their head and say yes all the time to me. It’s, I am not always going to be right. So I check my ego at the door and I look for that diversity of thought. If I have that diversity of thought and I can empower them to share those thoughts freely, then I can empower them to make decisions that they are able to make at whatever level that they reside in. To your point, I really have two main responsibilities. It is to make the decisions that I’m supposed to be making at my level, and just free up the blockers to execution whatever those are. Get rid of those blockers to execution for my team.

Den Jones:
Yeah, and if you were going to give, so from a leadership advice, what piece of advice would you give to someone who wants to be a leader or thinks they are a leader?

Tyler Farrar:
That’s a good question. I think again, check your ego out the door. Listen to your team, listen to your people. Be comfortable with the uncomfortability, which could be something like, you’re not always going to have all the information available to you to make a decision. You have to be comfortable with the uncomfortable and still make those decisions.

Den Jones:
Yeah, no, that’s awesome. One person said to me years ago, a decision that can be reversed is a decision you should make quickly. A decision that can never be undone is one you should take your time on. I figure watching a lot of leaders, they struggle to make decisions quickly, they procrastinate. When I bucket them into that format, then it makes it easier for me to say, okay, wait a minute, this decision, we should be rolling fast on this stuff. I like to get shit done, I like to get shit done quick. I don’t like things to take years, I don’t have the patience for it. So decision making I think is vitally important.

Now before the call in our little pre-chat, we were talking about, I would call it work-life balance, but then you said no, there’s another term that you use. Can you explain that to the audience and share a little insight as to your method of thought there?

Tyler Farrar:
Yeah, I said work-life integration, because when I think about work-life balance, it seems to be a balance scale. So you’re either doing one or the other, and they may go like this over time. Maybe you try to find equilibrium, but they’re separate from each other, but let’s be real. Is work really separate from home, from personal anymore? I’m sitting in my home office right now. Work is home, home is work, and work-life integration is much more realistic.

I think what needs to be considered nowadays, and a quick example of that is, finding opportunities throughout a working day to do something personal, to do something for yourself. You might not always be able to do that. You might be back-to-back meetings, but in other times you might not. So if it’s something small, just to have a little time to just take a breath, for me it’s sometimes just taking the dog out for a longer period of walk. Gets me outside, gets me off of the computer screen, and allows me to take a breather. It’s not just, again, balancing and waiting out that time to have that day off, wait for the holiday. It’s finding these little moments throughout your life and integrating it into your work-life as well.

Den Jones:
Yeah, and I think it’s important to be pretty organized as you do that. I mean, I use my calendar, I use my work calendar to organize my life in the sense of, I know when I’ve got meetings and I know when I’ve got tasks or things I need to do. I’ll block time in the calendar to do the things, the bigger work items that I need to do. I’ll also use the same calendar if I need to go to the dentist or my kid’s appointment or stuff like that. I’m going to use that calendar to organize my life. Sometimes I’ll invite myself on my personal Google calendar just so I know, I’m quite forgetful. I think it’s important to realize that these things, they’ve always coexisted because it’s not like you were before COVID.

It is not like you didn’t have personal responsibilities, but I think when COVID hit everybody then goes home. That whole I’m at home thing, and then things around the house that need done, they stare you in the face every single day when you’re home. So that made it, I think, incredibly hard for people to be focused about their work. There’s more distractions., I think, if I go into the office, maybe there’s a balance here because maybe there’s more distractions with people knocking on my door in the office, actually. So maybe that’s all bullshit in the end. Maybe there’s just equal distractions, but the home ones are certainly more in your face and they’re more visible.

Tyler Farrar:
Yeah, the home ones are your ones though. I think that’s the thing is where you have things that eat at your mind because you know you need to check those off your list, versus somebody walking up to you in the office, that wasn’t on your list of things to do. Maybe they just gave you something to do, but it’s a distraction that takes you away from whatever your checklist actually is.

Den Jones:
Yeah, definitely minimizing distractions is huge. Now, one of the things, so you’re pretty active on advisory boards or councils or those kind of things. For somebody who wanted to get involved at board level, what advice would you have for them on how they start or explore that?

Tyler Farrar:
I think being involved in some of the, if you have local chapter groups, whether they don’t have to be within cybersecurity either. There are different ways to get involved in various organizations just to network and meet people. If they don’t know who you are, I mean, that’s a big piece of it is just starting to meet people. So that’s been one of social events. So outside of just those types of networking events of what conferences can you go to. They don’t, again, just have to be security conferences, and if they are things like RSA as an example. I participated in many different types of meetings while I was there. That was more within the venture capital space and talking to portfolio companies and talking to VC firms. So this was all just going to events and networking.

Den Jones:
Awesome.

Tyler Farrar:
That was a big piece of it. I think the other piece is, if you have an interest in a specific topic area, talk about it, talk about it. For me, blogs, podcasts like today. Find your voice, find your topic, find your interest, and talk about it. Get yourself out there. You will create conversation, you’ll create noise and you’ll create attention.

Den Jones:
Yeah, and networking. So you touched on this. Networking, especially at the executive level, I think is vitally important. Your brand and your reputation is vitally important.

I have a guest coming on the show, Victoria Verhey, she’s a coach, leadership coach. She’s a strategic communications expert. One of the things that she taught me and my teams years ago was, team brand and personal brand is vitally important. You need to consciously manage your brand. So when you’re out networking, you’re really managing your brand. When you’re doing podcasts and blogs, you’re promoting your brand. I think people overlook the importance of marketing and networking yourself. So the next C-level job you and I get, they’ll not be because we applied for the job on LinkedIn, they will more likely be because we know people who know people and they reached out to us.

Tyler Farrar:
Exactly.

Den Jones:
I would say my last few jobs have all been someone reaching out to me, and either because of good work I had done in the industry, so they knew who I was, or because they had saw my LinkedIn profile and my activity on LinkedIn. So I think you’ve got to use those mechanisms pretty wise.

Talking about work, when you’re not working and you’re hanging out with non-techy people, which is very hard to do in the valley, but when you do do it, how do you describe your job to people who are not technical? I think of talking to my mom about it, but how do you describe it?

Tyler Farrar:
I would say, you ever seen the Tom and Jerry Show? I’m the Jerry. I try to be the clever resourceful mouse. I try to constantly outwit and stay ahead of the threat, which in this case is Tom, the cat. So I think that’s what I would talk about and resonate with, is this little agile, quick thinking, trying to anticipate what the cat’s going to do next. That’s what we say all the time is this game of cat and mouse and cyber security. So I’m the mouse in Tom and Jerry, yeah, I’m the mouse.

Den Jones:
You’re the mouse. Hey, when you’re up against nation states and some of these big threat actors, then yeah, sure as shit, we feel like the mouse in that scenario. Then when you’re not working, what do you do for fun? What do you do to keep yourself upbeat and distracted from the pressures of work?

Tyler Farrar:
I mean some of the normal things, and COVID really was a big contributor to this. I went to the library and took out a stack of books. Nowadays it’s more of what’s through the online apps and stuff, but I do read a lot. I do go to the gym a lot and weight lift.

But what I’ll share a little bit more broadly is when COVID started, I needed to find another hobby. I couldn’t just be reading all day, and the gym was closed. So what am I going to do? I started doing some coding, mostly Python, and that was fun but I was just finding myself on literally a computer all day long. I thought, I need to find something else, and so I traded that keyboard for a different keyboard and I bought a piano keyboard. I started initially teaching myself, and about a year after that I engaged a piano teacher and I’ve been seeing her ever since. It’s now been almost three years since I’ve been playing piano. I actually have a grand piano now in my house and I play every day.

Den Jones:
Awesome.

Tyler Farrar:
That’s my [inaudible 00:35:37].

Den Jones:
That’s awesome. One of the things in that story is when you’re trying to disconnect from work, still being on your computer, that’s not a disconnect. That’s just… I think the hard thing for me, I mean, I love music. I’m only in this industry so I can buy more music gear really, but this is my home office. So when I’m not working, the thought and the inspiration to be in the same room and do music has been really challenging. I mean, that’s been the hardest thing I think for me, but yeah, I love the thought. I know so many people actually that during COVID they took up playing some musical instrument, which I think is always brilliant.

Tyler Farrar:
Yeah, I hope you kept at it, everybody. Don’t quit.

Den Jones:
Yeah, don’t quit. I think the interesting thing is there are things that you can do that actually bring back to your career. For me, there’s the notion of being able to play an instrument and create a song and think of finishing that thing, that body of work, is very similar to when you’re in work and you’re creating a plan. Sometimes you’re not inspired, sometimes you are inspired, but you’ve still got to finish the body of work and you can’t get to walk away from it.

So I know we’re way over time. It’s amazing how quickly these minutes roll through. I’d love you to leave the audience, Tyler, with one last thought, one nugget to take away. What would it be?

Tyler Farrar:
Security is not a one-time effort, it’s an ongoing process, there is no finish line. So focus on continuous improvement, shared responsibility. Make sure every member of the team plays a part in maintaining that security integrity of the organization, but don’t forget the value of learning both from your successes as well as your setbacks.

Den Jones:
Awesome, thank you, Tyler. So everybody, with that amazing last thought there. Thank you, first of all for paying attention to the show, hanging out with us for what is almost 40 minutes. We appreciate it. Tyler, really appreciate having you on the show. We’d love to have you back sometime soon, ideally maybe in person someday soon, because we’re-

Tyler Farrar:
Absolutely, thanks for having me.

Den Jones:
We’re at the other end of the bay though, right? So it’s probably like a 15-hour drive. When it rains outside, it’s probably 15 hours. I mean, jeez. Thank you, sir, really appreciate it. Have a great, great Christmas, a great new year. Yeah, hopefully we’ll catch up in person, 2024.

Tyler Farrar:
Sounds great, thanks, Den.

Den Jones:
Thanks, bud.

Speaker 1:
Thanks for listening. To learn more about Banyan security and find future episodes of the podcast, please visit us at banyonsecurity.io. Special thanks to Urban Punks for providing the music for this episode. You can find their track, Summer Silk and all their music at Urbanpunks.com.

Close Transcript

< Back to Resources

Book Office Hours with Den Jones

If you are interested in chatting with Den Jones in a more informal setting to talk about your challenges, he hosts office hours that you are welcome to schedule with him directly.

Den is a seasoned professional and loves talking about the best ways to get started, how to measure progress and finally how to get things done.

Make an Appointment