Live From the Big House

Recorded on Saturday 29 October 2022, at the tailgate before the University of Michigan vs Michigan State University (American) football game, Brian, Erik and Dan chat about the news of the day, with more than a few correlations back to football. And we had a special guest join us, too: Zah Gonzalvo Rodriguez

  • There was an upcoming OpenSSL vulnerability hitting the world this week. How would Software Bill of Materials (SBOM) make the response easier?
  • A reminder of our dependence on the stability and security of some very core tools (like OpenSSL) to run our businesses. Mot to mention the fact that such tools are often within the libraries we use and don’t even realise it’s there.
  • Similarities between football and security in the need to adjust based on what the other team shows signs of throwing at you, and further based on what they actually bring to the line.
  • How repeatable process and inventory help make the response to these vulnerability disclosures less like a firedrill and more like standard ops.
  • Did you know that credit ratings are being affected by information security posture and breach response?
  • Same thing with M&A and investment valuation… if you’re not as mature in security and privacy you may see a discount taken on your value!
  • How transparent should we be with the peer companies and the public world about our security posture (like incident response plans, and security controls in place)?

And if you’re curious, you can find out what team Dan (the lifelong Badger) was supporting in the game. Congratulations to the University of Michigan in later winning this game, and to both teams for keeping the rivalry alive and spicy.

We also have a video channel on YouTube that airs the “with pictures” edition of the podcast. Please head to and watch, subscribe and “like” the episodes.

Some of the links in the show notes contain affiliate links that may earn a commission should you choose to make a purchase using these links. Using these links supports The Great Security Debate, so we appreciate it when you use them. We do not make our recommendations based on the availability or benefits of these affiliate links.

Thanks for listening!

Support The Great Security Debate