Episode 25

Chris Hodson of Contentful on How Modern Detection Teams Can Thrive in a Cloud-Based World

Chris Hodson is the CISO at Contentful, which helps digital teams assemble content and deliver experiences, faster. Prior to Contentful, Chris was at Zscaler and Tanium and also busy writing a book called Cyber Risk Management: Prioritize Threat, Identify Vulnerabilities, and Apply Controls. 

Chris builds and runs cybersecurity organizations that manage technology risks and helps product teams develop security solutions that work. As comfortable in the server room as the board room, he tailors cybersecurity strategy to organizational risk appetite and business objectives. 

Topics include: 

  • Chris’s hottest security take on the role of a CISO 
  • How Chris started developing the skills that better enabled him as a better technical CISO 
  • How Chris works more closely with DevOps teams
  • How his team gets smart about what to detect
  • How to work with application developers to get more useful data
  • Prioritize the services that are most sensitive, so things that are touching customer data get the most attention 
  • The application signals Chris typically cares about 
  • Building out tools internally to send telemetry to a single source
  • The organization of cross-functional security team and the focus on security engineers 
  • The Kubernetes 4Cs - Code, Container, Clusters, Cloud
  • The importance of organizational-specific context to succeed in fixing symptoms at the cause 
  • Chris’s advice that he’d give to detection teams living in a cloud-based world 


Kubernetes 4Cs: https://www.enterprisedb.com/blog/4cs-security-model-kubernetes

Recommended Resources

Escape Cloud Noise. Detect Security Signal.
Request a Demo