David Kroening: How a 105 year old ad agency tackles vulnerability management with clients

David Kroening is the Director of Global Security Governance and Compliance at Grey Group, the world’s top advertising and marketing organizations that has been around for 105 years. He has been in security for over 30 years, starting with Dos 3.3, and involved in information security for the last 15 years.

In today’s episode, Lisa and David discuss the challenges he sees clients struggle with in vulnerability management, how organizations should think of security to protect brand secrets, and how the future of vulnerability management will be stronger, faster, and more resilient.

Topics discussed:

• The number one challenge David sees organizations struggle with in vulnerability management
• What must happen before vulnerability management can be effective
• Best practices around protecting not only your most critical assets, but the other assets that can still have massive business impact, such as media access or file sharing systems
• How email can be a tool to help monitor third-party assets
• David’s philosophies to get above the ‘whack-a-mole’ strategy to vulnerability management
• How David’s advertising agency collaborates with organizations to keep their trade secrets safe
• Why it’s important for vulnerability management managers to have a regular reporting cadence of vulnerabilities uncovered
• David’s top 3 actionable tips for vulnerability management managers