Business Security Weekly (Audio)
359 episodes - English - Latest episode: about 22 hours ago - ★★★★★ - 3 ratingsIf you’re looking to understand the business of security, then Business Security Weekly is your show! Matt, Jason, and Paul cover security for senior managers and executives, including business challenges, leadership, and communications! Our special guests provide unique perspectives on real problems and solutions to help organizations secure their environments effectively. Learn how to build your security program, solve real problems, learn leadership skills and so much more!
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Meet Silver SAML: Golden SAML in the Cloud - Eric Woodruff - BSW #348
April 29, 2024 21:02 - 59 minutes - 56.3 MBA hybrid workforce requires hybrid identity protection. But what are the threats facing a hybrid workforce? As identity becomes the new perimeter, we need to understand the attacks that can allow attackers access to our applications. Eric Woodruff, Product Technical Specialist at Semperis, joins Business Security Weekly to discuss those attacks, including a new attack technique, dubbed Silver SAML. Join this segment to learn how to protect your hybrid workforce. Segment Resources: https:/...
What does DoD’s CMMC Requirement Mean for American Businesses - Edward Tuorinsky, Mike Lyborg - BSW #347
April 22, 2024 22:41 - 1 hour - 57.9 MBSince 2016, we been hearing about the impending impact of CMMC. But so far, it's only been words. That looks to be changing. Edward Tourinsky, Founder & Managing Principal at DTS, joins Business Security Weekly to discuss the coming impact of CMMC v3. Edward will cover: The background of CMMC Standardization of CMMC CMMC v3 changes and implementation timelines Best practices to prepare Segment Resources: https://www.federalregister.gov/documents/2023/12/26/2023-27280/cybersecurity-m...
From Idea to Success: How to Operationalize a Startup from Zero to Exit - Seth Spergel - BSW #346
April 15, 2024 18:00 - 55 minutes - 51.5 MBStartup founders dream of success, but it's much harder than it looks. As a former founder, I know the challenges of cultivating an idea, establishing product market fit, growing revenue, and finding the right exit. Trust me, it doesn't always end well. In this interview, we welcome Seth Spergel, Managing Partner at Merlin Ventures, to discuss how to accelerate that journey to lead to a successful outcome. Seth will share Merlin Venture's approach to helping startups tackle the largest mar...
Understanding the Cybersecurity Ecosystem - Ross Haleliuk - BSW #345
April 08, 2024 20:32 - 1 hour - 55.7 MBIn this discussion, we focus on vendor/tool challenges in infosec, from a security leader's perspective. To quote our guest, Ross, "running a security program is often confused with shopping". You can't buy an effective security program any more than you can buy respect, or a black belt in kung fu (there might be holes in these examples, but you hopefully get the point). In fact, buying too much can often create more problems than it solves, especially if you're struggling to fill your staff...
CISO Soul Searching: Navigating the Evolving Role of the CISO - Harold Rivas - BSW #344
April 02, 2024 15:40 - 56 minutes - 53 MBHarold Rivas has held multiple CISO roles. In his current CISO role, he's championing Trellix's overall mission to address the issues CISOs face every day, encouraging information sharing and collaborative discussions among the CISO community to help address challenges and solve real problems together - part of this is through Trellix's Mind of the CISO Initiative and the Trellix CISO Council. In this interview, we do a little CISO soul-searching. Harold will bring insights from the initiati...
Apps Gone Wild: Re-thinking App and Identity Security for SaaS - Guy Guzner - BSW #343
March 26, 2024 16:47 - 1 hour - 58 MBWith hundreds or thousands of SaaS apps to secure with no traditional perimeter, Identity becomes the focal point for SaaS Security in the modern enterprise. Yet with Shadow IT, now recast as Business-Led IT, quickly becoming normal practice, it’s more complicated than trying to centralize all identities with an Identity Provider (IdP) for Single Sign-On (SSO). So the question becomes, “How do you enable the business while still providing security oversight and governance?” This segment is...
How The Evolving Threat Landscape Drives Innovation In Cybersecurity - Tom Parker, Dave Dewalt - BSW #342
March 18, 2024 20:07 - 1 hour - 59.2 MBDave DeWalt needs no introduction. A four-time CEO and currently the Founder and CEO of NightDragon, Dave collects, analyses, and disseminates more intelligence on the cybersecurity industry in a year than most of us ever will in a lifetime. We've invited Dave to Business Security Weekly to share some of that intelligence with our audience. Specifically, we'll hear about: The evolving threat landscape, including impacts of Artificial Intelligence The latest cybersecurity innovation, inclu...
Protecting Executives: Why The Home Is The New Battle Ground - Chris Pierson - BSW #341
March 15, 2024 17:28 - 59 minutes - 49.5 MBWhen you think of executive protection, you think of work related activities such as security details, travel planning, and other physical security protections. But in the world of Artificial Intelligence and DeepFakes, the risk landscape for executives goes far beyond work and into their personal lives. The home is now the new battle field and family life will never be the same. Chris Pierson, CEO at BlackCloak, joins Business Security Weekly to discuss the changes in the risk landscape f...
The Convergence of Security, Compliance, and Risk - Igor Volovich - BSW #340
March 04, 2024 21:43 - 58 minutes - 50.1 MBThe SEC's new cyber reporting requirements are forcing organizations to rethink their compliance and risk programs. No longer can compliance and risk be static, point in time assessments. Instead they need to match the speed of security which is dynamic and real-time. Couple the difference in speeds with whistleblowers and attack groups reporting non-compliance with the new SEC rules and organizations find themselves in a regulatory nightmare. Igor Volovich, VP of Compliance Strategy for C...
AI Risks, Application Performance - Padraic O'Reilly, Shibu George - BSW #339
February 26, 2024 20:50 - 1 hour - 60.6 MBReleased on January 26, 2023, the NIST AI RMF Framework was developed through a consensus-driven, open, transparent, and collaborative process that included a Request for Information, several draft versions for public comments, multiple workshops, and other opportunities to provide input. It is intended to build on, align with, and support AI risk management efforts by others. Padraic O'Reilly, Founder and Chief Innovation Officer at CyberSaint, joins BSW to discuss why AI risks are a uniq...
The New BISO Role – A Career Path to CISO? - BSW Vault
February 19, 2024 15:00 - 23 minutes - 10.9 MBCheck out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on February 22, 2022. The Business Information Security Officer, or BISO, is relatively new and somewhat controversial role. Does this role act as the CISO's non-technical liaison to the business units or as the CISO's deputy to oversee strategy implementation at a granular level? Is this new role a necessary career path for future CISOs or an entry point into security...
Proactive Compliance, Improving Cybersecurity Culture, and Hiring The Right Skills - BSW #338
February 14, 2024 22:43 - 33 minutes - 32 MBIn the leadership and communications section, SEC’s Enforcement Head: It’s Time for ‘Proactive Compliance’, Improving cybersecurity culture: A priority in the year of the CISO, Breaking Down Barriers: 6 Simple Measures to Overcome Communication Barriers, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-338
Security Money/Pick Your Battles To Avoid Overconsolidation - Jess Burn, Jeff Pollard - BSW #337
February 05, 2024 21:19 - 57 minutes - 54.5 MBIt's time to review the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. We also update you on the Security Weekly 25 index. The index came roaring back last quarter. Here are the stocks currently in the index: SCWX Secureworks Corp PANW Palo Alto Networks Inc CHKP Check Point Software Technologies Ltd. SPLK Splunk Inc GEN Gen Digital Inc FTNT Fortinet Inc AKAM Akamai Technologies, Inc. FFIV F5 Inc ZS Zscaler Inc OSPN Onespan I...
Cyber Readiness: Train As You Fight - William Hutchison - BSW #336
January 29, 2024 20:56 - 55 minutes - 71.6 MBHow do you prepare for a cyber incident? You train as you fight, but in what environment? William "Hutch" Hutchinson, CEO and co-founder of SimSpace, joins BSW to share cyber best practices and why testing in your operational environment not a good idea. Learn what it takes to be Cyber Ready. In the leadership and communications section, A tougher balancing act in 2024, the year of the CISO, CISOs Struggle for C-Suite Status Even as Expectations Skyrocket, Want to Be a Better Leader? Stop ...
Say Easy, Do Hard, Hiring a CISO, Part 2 - BSW #335
January 22, 2024 10:00 - 29 minutes - 41.9 MBInspired by my co-host, Jason Albuquerque, we get our hands dirty and discuss the challenges of hiring a CISO. How will the new SEC regulations impact the role for both organizations and individuals? In part 2, we get our hands dirty by addressing CISO hiring from the individual CISO. What should you look for in a CISO role? What questions should you be asking during the interview process? What are the non-negotiable items that must be part of the offer? Visit https://www.securityweekly....
Say Easy, Do Hard, Hiring a CISO, Part 1 - BSW #334
January 15, 2024 10:00 - 28 minutes - 40.1 MBInspired by my co-host, Jason Albuquerque, we get our hands dirty and discuss the challenges of hiring a CISO. How will the new SEC regulations impact the role for both organizations and individuals? In part 1, we discuss the challenges of hiring a CISO from the organization's perspective. Do I need a CISO? What are the responsibilities of a CISO? Who should the CISO report to? Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/...
Best Practices for Moving Sensitive Data into the Cloud - Mike Scott - BSW #333
January 08, 2024 20:49 - 52 minutes - 66.6 MBResearch shows that 26% of US workers currently work remotely, and there are expected to be 32.3 million American employees working remotely by 2025. To support these workers, organizations are adopting cloud solutions and migrating data to these cloud solutions. However, many businesses lack visibility into who has access to what data and when, especially in these cloud solutions. How should organizations reconcile the disconnect between data access and data security? Mike Scott, CISO at ...
The Booming Business of Cybersecurity - Robert Herjavec - BSW Vault
January 01, 2024 17:00 - 36 minutes - 17.5 MBRobert Herjavec, CEO of Cyderes, was the keynote speaker at InfoSec World 2022, where he discussed the momentum we continue to see in the cybersecurity industry. Topics included mergers & acquisitions, Robert's outlook on the cyber market, staffing shortages, and nation state threats. Robert joins BSW to expand on his ISW keynote presentation. Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Face...
Security Maturity: From Hostage Negotiator to Business Leader - Sandy Dunn - BSW Vault
December 25, 2023 17:00 - 24 minutes - 11.5 MBThroughout her career, Sandy Dunn has continued to mature and refine her skills. In the early days, she describes her job as a "hostage negotiator", constantly negotiating between the business teams and the security team. But as you mature, so does your approach to security. Now, Sandy talks about simplifying "knowledge management" to make it easy to understand security and becoming a "business listener" to make the right decisions. Visit https://www.securityweekly.com/bsw for all the late...
Cyber Risk Management Starts with Risk Quantification - Padraic O'Reilly - BSW #332
December 19, 2023 16:50 - 57 minutes - 78.9 MBCyber has been an historically hermetic practice. A dark art. Full of mysteries and presided over by magicians both good and bad. This is a bit of an exaggeration, yet there is some truth to it. Many in our industry knew that the SEC was evaluating the role that cyber risk management and incident disclosure plays in the pricing mechanism for an equity. Many of the participants in GRC, IRM, and Cyber Risk anticipated this before the SEC had even proposed such rules. Boards, C-Suites, and Info...
The Impact of the New SEC Regulations on Cybersecurity - BSW #331
December 12, 2023 02:44 - 53 minutes - 69.3 MBMateriality, Disclosure, and Evidence... New terms for cybersecurity professionals to understand under the new SEC Regulations for Cybersecurity. And the Solarwinds indictment is just the beginning. Join the BSW crew as they tackle each of these new terms in preparation for SEC enforcement which starts this week. In the leadership and communications section, Steve Katz, World's First CISO, Dies in Hospice Care, Top CISO Communities to Join in 2024, Workplace Culture 101: How to Create ...
Real Edge Computing Use Cases from the AT&T Cybersecurity Insights Report - Theresa Lanowitz, Mark Freifeld - BSW #330
December 04, 2023 21:25 - 1 hour - 95.2 MBTheresa Lanowitz joins Business Security Weekly to review real edge computing use cases from the AT&T Cybersecurity Insights Report. Specifically, we'll cover the following industry sector reports, including: Healthcare Manufacturing Retail US SLED Transportation Research for the AT&T Cybersecurity Insights Report was conducted during July and August 2022. AT&T surveyed 1,418 security practitioners from the United States, Canada, the United Kingdom, France, Germany, Ireland, Mexico...
1% Leadership - Andy Ellis - BSW #329
November 28, 2023 16:43 - 1 hour - 73.2 MBMost leadership books suffer from one of two critical failures (and sometimes both). The book might be a hagiography: telling you the biography of some amazing leaders, pretending there is one secret trick that will let you emulate that leader. Or the lesson of book should have been written as a tweet: in 280 characters you could have learned one lesson, but instead you have to fight through 300 pages of obfuscation to decipher the lesson. 1% Leadership is the antidote to these approaches....
Building Security from Scratch: One Year as CISO at a Start-up - Guillaume Ross - BSW Vault
November 20, 2023 15:00 - 30 minutes - 16.8 MBWe often think "this would be so much better if done properly from the beginning", but the reality is, doing things from scratch comes with different challenges. Managing priorities, deciding what you tackle on from the absolute beginnings of a company in terms of security is a fun challenge. Segment Resources: Full session at the upcoming GoSec Conference: https://www.gosec.net/sessions/ Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: http...
Say Easy, Do Hard: Cyber Risk Management - BSW #328
November 14, 2023 10:00 - 55 minutes - 49.9 MBInspired by my co-host, Jason Albuquerque, we get our hands dirty and discuss the challenges of cyber risk management. Why is cyber risk management so elusive and what can we do to solve it? In part 1, we discuss the challenges of cyber risk management and quantification. Do risk scores really work? What do CEOs and Boards really need to understand cyber risks? Inspired by my co-host, Jason Albuquerque, we get our hands dirty and discuss the challenges of cyber risk management. Why is cy...
Security Money: The Index is Rebounding - Business Security Weekly #327
November 07, 2023 10:00 - 54 minutes - 49.6 MBIt's time to review the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. We also update you on the Security Weekly 25 index. The index is rebounding, but there's a long way to go to get back to the top. In the leadership and communications segment, SolarWinds Is A Game Changer - You Cannot Sugarcoat Cybersecurity, Rethinking CISO Accountability: A Call for Balance in Cybersecurity Leadership, How to improve communication in the...
The Enterprise Browser for the Modern Workforce - Robert Shield - BSW #326
October 31, 2023 09:00 - 56 minutes - 52.5 MBAs the workforce increasingly relies on the cloud, the browser has become a critical aspect of enterprise security. Employees now use browsers to access data and applications from various devices and locations, making browsers the primary target for cyber attackers. Enterprise browsers are specifically designed to address the security challenges of the modern and complex workforce. According to Gartner, "By 2030, enterprise browsers will be the core platform for delivering workforce produc...
Securing Edge Computing Use Cases by Aligning to Business Outcomes - Theresa Lanowitz, Scott Stout - BSW #325
October 24, 2023 09:00 - 57 minutes - 52.6 MBAs the CISO role continues to transform from a technician to a risk manager, how do you secure emerging technologies, such as edge computing? By aligning to business objectives. In this segment, Theresa Lanowitz from AT&T Cybersecurity and Scott Stout From Cisco help us break down the challenges of the CISO and how to align security requirements to business outcomes to solve the emerging edge computing use cases. During the interview, we will tackle the Hospital at Home and Manufacturing edg...
Companies should be hiring CISOs for their leadership talent - Jason Loomis - BSW #324
October 17, 2023 09:00 - 56 minutes - 52.5 MBDo we sound like a broken record? Leadership, communication, and risk management skills are key traits of the Chief Information Security Officer. But don't just take our word for it, Jason Loomis, CISO at Freshworks, joins Business Security Weekly to discuss why companies should be hiring CISOs for their leadership talent, not their technical talent. Segment Resources: Switch Five Dysfunctions of a Team Drive Extreme Ownership Simon Sinek In the leadership and communications sect...
Digital Transformation Breaks Risk Management - Chris Morales - BSW #323
October 10, 2023 09:00 - 1 hour - 59 MBCEOs and boards struggle with their digital transformation process. Does their operations hinder or align with business initiatives? Has their security operations scaled to meet the data and digital demands to protect against business risk? In today’s episode, we’re talking to Chris Morales, CISO at Netenrich, who’ll provide compelling insights towards security transformation. Security organizations all face similar security challenges of too much data, siloed teams, underperforming legacy t...
Risk Management in the Cloud Starts with Identities - Eric Kedrosky - BSW #322
October 03, 2023 09:00 - 54 minutes - 49.2 MBAs we move more infrastructure into the cloud, the traditional concepts of risk start to change. It's no longer just about networks and servers, but also needs to address identities and not just human identities. Cloud infrastructure introduces additional identity types that need to be addressed as part of your risk management program. Eric Kedrosky, CISO at Sonrai Security, joins us to discuss how to think differently about risk in the cloud. In the leadership and communications section, ...
Human Risk Management at Western Governors University - Jake Wilson - BSW #321
September 26, 2023 09:00 - 1 hour - 87.7 MBIn this episode, we interview Jake Wilson, Western Governor University's Security Awareness Evangelist. We'll learn about how he built up and matured WGU's security awareness program, eliminating blind spots, and improving efficacy through data analysis and better reporting. This segment is sponsored by Living Security. Visit https://securityweekly.com/livingsecurity to learn more about them! This week in the leadership and communications section: building a feedback-driven culture, lett...
2023 AT&T Cybersecurity Insights Report: Edge Ecosystem - Theresa Lanowitz, Steve Winterfeld - BSW #320
September 18, 2023 20:39 - 58 minutes - 54.6 MBOrganizations still struggle with DDoS, ransomware, and personal information exfiltration. In order the prevent these attacks, we first need to understand the ‘types’ of DDoS and emerging threat techniques used by the adversary. In this interview, we explore these attacks in the context of edge computing. As edge computing use cases evolve, organizations need to understand the intersection of edge computing, networking, and cybersecurity. We discuss the risks associated with edge computing, ...
Identity is the Perimeter, The Secrets of Top Performing CISOs - Jeff Reich - BSW #319
September 11, 2023 19:57 - 53 minutes - 49 MBManaging identities continues to add complexity for granting access to enterprise resources. Between the increasing number and expanding types of identities, including carbon-based, silicon-based, and artificial identities, and the evolution of cloud computing and remote work, managing the perimeter is now an identity problem. What risks do each of these identity types pose and how do you mitigate them? Jeff Reich, Executive Director at Identity Defined Security Alliance (IDSA), joins us to ...
The Nine Cybersecurity Habits - George Finney - BSW Vault
September 04, 2023 09:00 - 33 minutes - 19 MBCheck out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on March 15, 2021. In 1989, Stephen Covey first published "The 7 Habits of Highly Effective People," empowering and inspiring leaders for over 25 years. Is there an equivalent or new set of habits for CISOs? George Finney, Chief Security Officer at Southern Methodist University, joins Business Security Weekly to discuss the Nine Cybersecurity Habits. Visit https://www....
The Art & Science of Metawar - Winn Schwartau - BSW #318
August 29, 2023 13:39 - 54 minutes - 51.5 MBThe metaverse is an evolving storytelling environment in which humans have congregated for millennia to experience alternate, immersive, and simulated realities, with or without technology. Storytelling is designed to influence mental and physical perceptions suiting the purposes of the content creators. Metawar is the art of applying science to create and defend against the influence of alternate realities in the metaverse. What if we can longer rely on our senses to determine what is real ...
Security Money & BlackHat Interviews - BSW #317
August 22, 2023 09:00 - 57 minutes - 54.9 MBThe Security Weekly 25 Index is still trying to recover. Inflation fears have tampered the recovery and the NASDAQ is outperforming the Index. Fastly replaces Sumo Logic in the Index and Thoma Bravo has not acquired anyone, so hoping the index stays stable for more than a quarter :). Here's the latest list of companies in the index: Secureworks Corp Palo Alto Networks Inc Check Point Software Technologies Ltd. Splunk Inc Gen Digital Inc Fortinet Inc Akamai Technologies, Inc. F5 Inc Zscaler I...
CISO in Crisis, but Will the SEC Regulations Make a Difference and New NIST CSF Draft - BSW #316
August 15, 2023 17:00 - 56 minutes - 51.3 MBIn the leadership and communications section, CISO is Crisis, Will SEC Cybersecurity Regulations Make a Difference?, NIST Drafts Major Update to Its Widely Used Cybersecurity Framework, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-316
Deciphering The National Cyber Workforce and Education Strategy - Dr. José-Marie Griffiths - BSW #315
August 08, 2023 09:00 - 55 minutes - 52.7 MBOn July 31st, 2023, the Biden administration released a national strategy addressing cyber workforce shortages, calling long-standing vacancies a national security imperative. The National Cyber Workforce and Education Strategy focuses on four major pillars: equipping every American with cyber skills, transforming cyber education, expanding and enhancing the national cyber workforce and strengthening the federal cyber workforce. The strategy relies heavily on non-governmental and private sec...
How to Effectively Embrace and Protect Generative AI Tools, Models, & Data - Randy Lariar - BSW #314
August 01, 2023 14:00 - 52 minutes - 51.3 MBSome organizations are banning ChatGPT and other generative AI models out of fear of the risks they could introduce. While this is understandable, the reality is generative AI is accelerating so fast that, very soon, banning it in the workplace will be like blocking employee access to their web browser. Randy Lariar, Practice Director of Big Data, AI and Analytics at Optiv, will discuss how to embrace the new technology and shift the focus from preventing it in the workplace to adopting it s...
Improving Diversity and Accessibility in Cybersecurity - Laurie Salvail - BSW #313
July 25, 2023 09:00 - 1 hour - 84.3 MBCYBER.ORG, in partnership with CISA, is helping create a diverse cyber workforce by breaking down the barriers to cybersecurity education by improving access for all K-12 students nationwide. CYBER.ORG’s HBCU feeder program Project REACH was recently highlighted in CISA’s 2022 Year in Review as part of the agency’s commitment to improving diversity and accessibility in the field. Laurie Salvail, Director of CYBER.ORG, joins BSW to discuss: - Why the expansion of K-12 cybersecurity education ...
Say Easy, Do Hard - BSW #312
July 18, 2023 09:00 - 1 hour - 57.1 MBLess than 50% of the Fortune 500 have a Chief Information Security Officer (CISO) or Chief Security Officer (CSO) listed on their executive team. Why is that? Is this role not considered an executive position? In part 1, we debate the role of the CISO/CSO and whether it is or is NOT and executive position. We've made a lot of progress over the last 20+ years, but has the role peaked? Will the role continue to get a seat at the table as a C-level executive or will it atrophy back to a VP or D...
The Golden Age of Email Security - Jess Burn - BSW #311
July 11, 2023 09:00 - 54 minutes - 49 MBA golden age is a time of great achievement in a society or industry — a time of innovation and the furthering of new ideas via new mediums or technological advancements. Email security is now entering a golden age after stagnating for the better part of a decade. Is it time to celebrate? Customers have more choice than ever when it comes to protecting how employees, customers, and partners communicate and collaborate. Often, those customers are choosing more than one email security partner ...
The Fifth Domain - Richard Clarke - BSW Vault
July 03, 2023 09:00 - 29 minutes - 12.9 MBThis week, we welcome Dick Clarke to discuss his new book, The Fifth Domain, and the need for cyber resilience, especially these days! In the Leadership and Communications segment, 4 Behaviors That Help Leaders Manage a Crisis, The Right Way to Keep Your Remote Team Accountable, 15 Steps to Take Before Your Next Video Call, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/vault-bsw-3
Vendor Consolidation, CISO Burnout Prevention & Maximizing Leadership Potential - Shawn Surber - BSW #310
June 27, 2023 09:00 - 54 minutes - 69.1 MBIn a tight economy, security budgets have been under scrutiny. Vendor consolidation strategies are real, but what are the pros and cons of this strategy? Shawn Surber from Tanium joins us to discuss how vendor consolidation is playing out and what to look for. It's not just an expense exercise, it's also a strategic alignment exercise. This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them! In the Leadership and Communications section, CISO Burn...
The 4 C's of Leadership with Michael Santarcangelo - BSW Vault
June 19, 2023 16:00 - 31 minutes - 13.8 MBCheck out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on October 12, 2020. We go off script. Michael Santarcangelo joins me for a discussion on leadership. We review the 4 C's of Leadership: 1. Culture 2. Collaboration 3. Communication 4. Cultivation - and Michael shares some of his leadership approaches and ideas. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://secur...
Where is the Human in Your Risk Management Program? - Ashley Rose - BSW #309
June 12, 2023 22:05 - 1 hour - 79.7 MBThe Gartner definition of integrated risk management is a set of practices and processes supported by a risk-aware culture and enabling technologies, that improves decision making and performance through an integrated view of how well an organization manages its unique set of risks. Enterprises typically have a broad coverage of the risks that face the business including cybersecurity risk, however, its 2023 and after more than a decade of requiring training compliance for our people, the Ve...
New AI Algorithm Regulations Coming: Will Yours Pass Government Scrutiny? - Mike O'Malley - BSW #308
June 06, 2023 15:32 - 1 hour - 58.4 MBThe American Data Privacy and Protection Act introduces oversight of how companies handle the data they collect and process from U.S. citizens, including AI algorithms used to uncover insights that can be monetized. Security professionals should prepare now for the legislation by understanding how to audit algorithms and implement compliance processes. Even if this version of privacy legislation doesn’t pass, similar legislation will likely pass soon. Segment Resources: Forbes Tech C...
Career Ladders In Information Security - Marc French - BSW Vault
May 31, 2023 19:41 - 37 minutes - 15 MBCheck out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on June 8, 2020. Marc French has more than 25 years of technology experience in engineering, operations, product management, and security. Prior to his current role at CISO at Product Security Group, Marc was the SVP & Chief Trust Officer at Mimecast, Inc. and has held a variety of senior security roles at Endurance/Constant Contact, EMC/RSA, Iron Mountain, Digital Gua...
BSW #307 - Matt Radolec
May 22, 2023 23:14 - 1 hour - 59.5 MBYou can rebuild infrastructure. But you can’t un-breach data – Data sits at the core of an organization and is often the most open and vulnerable. This is why data security is the most important and urgent security problem to solve right now. We’re joined by Matt Radolec, Senior Director of Incident Response and Cloud Operations at Varonis, to walk through the blast radius concept – from what it is and how to use it to understand your organization's risk, to how it can serve as a guide to se...