Effective Incident Response: David Cross’s Cybersecurity Playbook for Executives

David Cross and Neatsun

In this episode of CyberOXtales Podcast, host Neatsun Ziv, CEO of OX Security, interviews David B. Cross, CISO for the Oracle SaaS Cloud and Venture Partner with Rain Capital VC. They discuss the importance of having a playbook for handling data breaches and security incidents. David emphasizes the need for training and clear processes to ensure that everyone in an organization knows how to respond to potential security threats. He also highlights the importance of communication and collaboration between different teams and the need for a neutral facilitator during post-incident analysis.

About Our Guest:

David Cross is the CISO for the Oracle SaaS Cloud and a Venture Partner with Rain Capital VC. He has extensive experience in the cybersecurity space, with a background in the US Navy and over 17 years at Microsoft, where he worked on Windows security, Azure security, and cloud security. He also spent time leading the Google Cloud Security organization before joining Oracle. David is a respected expert in the field and is passionate about helping organizations improve their security practices.

Key Takeaways:

  • All employees should receive training on how to identify and report potential security threats.
  • Having a clear process in place ensures that everyone knows what to do in case of an incident.
    Organizations should establish a centralized contact point for reporting security incidents. This ensures that incidents are properly documented and assigned to the appropriate team for analysis and response.
  • Having a playbook that outlines the steps to be taken during a security incident helps ensure a consistent and effective response. The playbook should include clear ownership and next steps for each stage of the incident response process.
  • It’s also important to have a process in place for double-checking and validating potential security threats. This helps prevent false positives and ensures that incidents are properly investigated and addressed.
  • Conducting a thorough root cause analysis (RCA) and post-incident analysis is essential for learning from security incidents and improving future response efforts. This analysis should focus on identifying areas for improvement and implementing necessary changes.


Listen to the full episode here. Stay tuned for more insightful stories, scenarios, and cybersecurity playbooks on CyberOxTales!

Subscribe for updates