A DevOps Perspective on Risk Tolerance & Risk Transfer – Caroline Wong – ASW #164

In the segment Mike and Caroline will discuss Risk Tolerance and Risk Transfer. They’ll touch on the following: risk ranking, risk transfer in supply chain, how to diversify security controls, time vs risk reduction vs vulnerability exposure all from a DevOps perspective. While also touching upon how security is not (and should not) be a gate. Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

A DevOps Perspective on Risk Tolerance & Risk Transfer


Caroline Wong

Caroline Wong – Chief Strategy Officer at Cobalt


Caroline Wong is the Chief Strategy Officer at Cobalt. As CSO, Caroline leads the Security, Community, and People teams at Cobalt. She brings a proven background in communications, cybersecurity, and experience delivering global programs to the role. Caroline’s close and practical information security knowledge stems from her broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. Caroline also hosts the Humans of InfoSec podcast, teaches cybersecurity courses on LinkedIn Learning and has authored the popular textbook Security Metrics, A Beginner’s Guide. Caroline holds a bachelor’s degree in electrical engineering and computer sciences from UC Berkeley and a certificate in finance and accounting from Stanford University Graduate School of Business.


John Kinsella

John Kinsella – Co-founder & CTO at Cysense


John Kinsella is the Chief Architect for Accurics

Mike Shema

Mike Shema – Product Security Lead at Square


Mike Shema is the Product Security Lead of Square