Chris Hodson of Contentful on How Modern Detection Teams Can Thrive in a Cloud-Based World
Chris Hodson is the CISO at Contentful, which helps digital teams assemble content and deliver experiences, faster. Prior to Contentful, Chris was at Zscaler and Tanium and also busy writing a book called Cyber Risk Management: Prioritize Threat, Identify Vulnerabilities, and Apply Controls.
Chris builds and runs cybersecurity organizations that manage technology risks and helps product teams develop security solutions that work. As comfortable in the server room as the board room, he tailors cybersecurity strategy to organizational risk appetite and business objectives.
Topics include:
- Chris’s hottest security take on the role of a CISO
- How Chris started developing the skills that better enabled him as a better technical CISO
- How Chris works more closely with DevOps teams
- How his team gets smart about what to detect
- How to work with application developers to get more useful data
- Prioritize the services that are most sensitive, so things that are touching customer data get the most attention
- The application signals Chris typically cares about
- Building out tools internally to send telemetry to a single source
- The organization of cross-functional security team and the focus on security engineers
- The Kubernetes 4Cs - Code, Container, Clusters, Cloud
- The importance of organizational-specific context to succeed in fixing symptoms at the cause
- Chris’s advice that he’d give to detection teams living in a cloud-based world
Resources:
- Keep in touch with Chris on LinkedIn: https://www.linkedin.com/in/christopherjhodson/?originalSubdomain=uk
- Learn more about Chris’s book here: https://cybersecuritymattersdotblog.wordpress.com/my-books/
Kubernetes 4Cs: https://www.enterprisedb.com/blog/4cs-security-model-kubernetes
Related Podcasts

Thomas Owen of Grafana on Why Enabled Autonomy is the Future of Modern Security Teams
Thomas shares how to build a team from the ground up, the attributes of a modern security team, how to gauge value of security, and his advice for practitioners around basic hygiene.

Mike Saxton of Booz Allen on Where Teams Start in Their Detection Journey and How Detection as Code is Bridging the Cybersecurity Skills Gap
In this episode Mike discusses everything from getting started on your detection journey, to broader cloud security adoption, the use of open source in government, and more!

Compass CISO JJ Agha on Relentless Iterations and What He Expects from a Modern SIEM
JJ Agha is the CISO at Compass, the largest real estate brokerage in the US, and previously spent over four years as VP of InfoSec at WeWork, along with time as a security engineer at Vimeo and Priceline.