EP 115 - SDP 10: Separation of Privileges

EP 115 - SDP 10: Separation of Privileges

Author: Kip Boyle February 6, 2024 Duration: 15:46
Your Cyber Path: How to Get Your Dream Cybersecurity Job
BusinessCareersEducationHow ToSelf ImprovementTechnology

SDP 10: Separation of Privileges

About this Episode

In this episode of the Your CyberPath podcast, Kip Boyle and Jason Dion delve into the concept of the separation of privilege as a vital component of their series on security architecture and design principles.

Jason and Kip talk about how the separation of privilege illustrates its significance through real-world examples. They also help showcase its application in technologies, military operations, and financial transactions.

Jason also draws from his military experience to underscore the critical role of separation of privilege in SOVOT (System Operations Verification and Testing) environments.

Finally, they underscore its importance in password management systems. They emphasize its pivotal role in upholding cybersecurity standards. Understanding these principles is essential for building robust security frameworks.

Relevant websites for this episode

The NIST Separation of Duty (SOD) - https://csrc.nist.gov/glossary/term/separation_of_duty

Other relevant Episodes

EP 94: Ten Security Design Principles (SDP)

EP 96: SDP 1: Least Privilege

EP 98: Security Design Principles 2: Psychological Acceptability

EP 101: SDP 3: Economy of Mechanism

EP 103: SDP 4 Compromise Recording

EP 105: SDP 5: Work Factor

EP 107: SDP 6: Failsafe Defaults

EP 109: SDP 7: Complete Mediation

EP 111: SDP 8 open Design

EP 113: SDP 9 — Least Common Mechanism


Navigating a career in cybersecurity can feel like a maze without a clear map. Your Cyber Path: How to Get Your Dream Cybersecurity Job, hosted by Kip Boyle, cuts through the noise by focusing on the perspective of the people who actually make hiring decisions. This isn't just generic advice; it's a direct line to understanding what employers are truly looking for in candidates, from entry-level roles to advanced positions. Each episode delves into the practical, often unspoken, steps needed to build your skills, craft your resume, and ace interviews in this competitive field. You'll hear concrete strategies for bridging the gap between where you are now and that ideal job, all framed within the broader contexts of business, technology, and personal growth. Tune into this podcast for honest conversations that translate complex career pathways into actionable plans, helping you move forward with confidence. Whether you're considering a pivot or aiming to advance, the guidance here is rooted in real-world hiring dynamics, making it a valuable resource for anyone serious about building a future in cybersecurity.
Author: Language: English Episodes: 100

Official website RSS
Your Cyber Path: How to Get Your Dream Cybersecurity Job
Podcast Episodes
EP 55: Which cybersecurity certifications should you get? [not-audio_url] [/not-audio_url]

Duration: 37:59
https://www.yourcyberpath.com/55 In this episode, we are focused on the ever-divisive question of the importance of certifications in the cybersecurity industry. The answer to this question has changed over time from cer…
EP 54: New Cohost Jason Dion [not-audio_url] [/not-audio_url]

Duration: 11:26
For the past year, my good friend Wes Shriner has been my cohost. We’ve created some great episodes together, which I hope have helped you. These days Wes is super busy in his new role as Chief Information Security Offic…
EP 52: Replay of "Security Awareness Training" [not-audio_url] [/not-audio_url]

Duration: 1:04:10
This week we are highlighting one of our popular episodes! First covered back in Episode 40, we covered the topic of Security Awareness Training, and wanted to revisit it again in this epsiode. Looking for a nontechnical…
EP 51: What does it take to lead a Cybersecurity Program? Part 2 [not-audio_url] [/not-audio_url]

Duration: 47:13
In episode 50, we showed you the first half of Kip's presentation with Ritsumeikan Asia Pacific University, where Kip talked with the students about Cybersecurity Management. This is the second half of this 2 part series…
EP 50: What does it take to lead a Cybersecurity Program? [not-audio_url] [/not-audio_url]

Duration: 50:31
"Recently, I was asked to be a guest speaker for Professor Kevin Cooney at Ritsumeikan Asia Pacific University, to talk with his students about Cybersecurity Management. I have split this up into two sections, the first…
EP 49: Why Entry Level Jobs Aren't Really Entry Level [not-audio_url] [/not-audio_url]

Duration: 20:40
In today’s episode I want to answer a common question that I get: “Why do all the cybersecurity job postings ask for 5 years of experience but they're labeled as entry level positions?” Can playing capture the flag also…
EP 48: Anatomy of a Ransomware Attack [not-audio_url] [/not-audio_url]

Duration: 1:00:42
Due to recent Cyber Attacks, we are going to share a replay of a continuing legal education course that Kip Boyle and Jake Bernstein have recently done. In this session, they will walk you through two different ransomwar…
EP 47: How to Use Your Transferrable Skills [not-audio_url] [/not-audio_url]

Duration: 35:48
Our guest Marc Menninger joins Kip Boyle in this episode. Marc is the Director of Information Security with A Place For Mom. He is also a cybersecurity hiring manager. Listen to the tips he gives on how to use your trans…
EP 46: ATS Secrets--Boost your Resume with these Clever Tips [not-audio_url] [/not-audio_url]

Duration: 23:20
Our guest Arthureen Brown joins Kip Boyle in this episode. Arthureen is a Business Information Security Officer (BISO) with Altria. She is also a cybersecurity hiring manager. Listen to the tips she gives on how to get y…

«1...345678910»