CISO Stories Podcast (Audio)
212 episodes - English - Latest episode: 13 days ago - ★★★★★ - 8 ratingsSC Media, and our sponsor RegScale, are proud to present this month's CISO Stories program. Each month, the CISO Stories Program explores a cybersecurity topic selected by CyberRisk Alliance’s CISO Community and provides content that examines that topic from a variety of perspectives. Hosted by Todd Fitzgerald, best-selling author of CISO COMPASS, the CISO Stories weekly podcast features content powered by the 1,100+ members of CyberRisk Alliance’s CISO Community. Listen to previous CISO Stories podcast episodes at cisostoriespodcast.com.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
CSP #86 - Are Cryptocurrencies to Blame for the Increase in Ransomware Attacks? - Bob Seeman
September 06, 2022 14:00 - 30 minutes - 41.6 MBFortunes have been gained and lost through Bitcoin and other cryptocurrency purchases. Ransomware paid in cryptocurrency is rarely recovered. Should the CISOs get involved in promoting regulation of the cryptocurrency? Would this reduce the number and amounts paid in ransomware attacks? Join the author of “The COiNMEN”, who has extensively researched cryptocurrencies and promoted policy changes as he shares his views. Segment Resources: Letter in Support of Responsible Fintech Policy, www....
CSP #85 - Cyberinsurance & the CISO: What You Need to Know - Bryan E. Hurd
August 30, 2022 14:00 - 31 minutes - 42.6 MBAs ransomware wreaks havoc on our systems and information, more companies are transferring some of the risk through Cyber Insurance. What technologies are cyber insurance companies looking to have in place? How are insurance companies setting the premiums? Join Bryan as he shares his extensive cyber counterintelligence and forensic experience in supporting CISOs to navigate cyberinsurance carriers. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: ht...
Cyberinsurance & the CISO: What You Need to Know - Bryan E. Hurd - CSP #85
August 30, 2022 14:00 - 31 minutes - 42.6 MBAs ransomware wreaks havoc on our systems and information, more companies are transferring some of the risk through Cyber Insurance. What technologies are cyber insurance companies looking to have in place? How are insurance companies setting the premiums? Join Bryan as he shares his extensive cyber counterintelligence and forensic experience in supporting CISOs to navigate cyberinsurance carriers. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: ht...
The Positive Power of Community Engagement - Ron Hale - CSP #84
August 23, 2022 14:00 - 23 minutes - 31.9 MBRon has seen the CISO role emerge over as a senior executive at ISACA. Join us as Ron shares the necessity of the CISO getting out of the office and the types of forums that are most beneficial to the CISO, based upon his decades experience in enhancing the CISO profession. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/08/CISOSTORIES_RonHale_ArticleV2.pdf Hale, R. 2019. The Positive Power of C...
CSP #84 - The Positive Power of Community Engagement - Ron Hale
August 23, 2022 14:00 - 23 minutes - 31.9 MBRon has seen the CISO role emerge over as a senior executive at ISACA. Join us as Ron shares the necessity of the CISO getting out of the office and the types of forums that are most beneficial to the CISO, based upon his decades experience in enhancing the CISO profession. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/08/CISOSTORIES_RonHale_ArticleV2.pdf Hale, R. 2019. The Positive Power of C...
The CEO Won’t Wear a Security Badge? Try This! - John Ceraolo - CSP #83
August 19, 2022 18:52 - 24 minutes - 34.2 MBWhat do you do if the most senior person in your organization, the CEO, refuses to wear security badges- an essential control for identifying associates and restricting physical entry? Listen as John uses creativity to win the heart and mind of the CEO and embrace and become a strong advocate of the security awareness program! To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/08/CISOSTORIES_JohnCera...
CSP #83 - The CEO Won’t Wear a Security Badge? Try This! - John Ceraolo
August 19, 2022 18:52 - 24 minutes - 34.2 MBWhat do you do if the most senior person in your organization, the CEO, refuses to wear security badges- an essential control for identifying associates and restricting physical entry? Listen as John uses creativity to win the heart and mind of the CEO and embrace and become a strong advocate of the security awareness program! To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/08/CISOSTORIES_JohnCera...
Have we Forgotten About the Basics? - Benjamin Corll - CSP #82
August 09, 2022 14:00 - 27 minutes - 37.5 MBGo to any security conference today and there is a plethora of new products to prevent, detect and respond to the current threat environment. But are we missing something? Is there a less expensive and more tactical way to approach security? Join Benjamin as we review what some are the key basics are that should be in place before investing in higher-end technology. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleader...
CSP #82 - Have we Forgotten About the Basics? - Benjamin Corll
August 09, 2022 14:00 - 27 minutes - 37.5 MBGo to any security conference today and there is a plethora of new products to prevent, detect and respond to the current threat environment. But are we missing something? Is there a less expensive and more tactical way to approach security? Join Benjamin as we review what some are the key basics are that should be in place before investing in higher-end technology. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleader...
CSP #81 - Using MindMaps to Strengthen Cybersecurity - Michael Wilcox
August 02, 2022 14:00 - 30 minutes - 41.4 MBCISOs, security leaders and their teams must consume a large amount of information from many sources to remain effective. How does the CISO organize unstructured information? How does the CISO brainstorm? How does the CISO collaborate? Mind Mapping is a very effective tool to generate ideas quickly and was also used to create the CISO COMPASS book! Learn from a CISO who uses Mind Maps™ for just about everything! To view the article from the CISO COMPASS Book that sparked this interview, pl...
Using MindMaps to Strengthen Cybersecurity - Michael Wilcox - CSP #81
August 02, 2022 14:00 - 30 minutes - 41.4 MBCISOs, security leaders and their teams must consume a large amount of information from many sources to remain effective. How does the CISO organize unstructured information? How does the CISO brainstorm? How does the CISO collaborate? Mind Mapping is a very effective tool to generate ideas quickly and was also used to create the CISO COMPASS book! Learn from a CISO who uses Mind Maps™ for just about everything! To view the article from the CISO COMPASS Book that sparked this interview, pl...
How to Talk With Your Lawyer - Mark Daryl Rasch - CSP #80
July 26, 2022 14:00 - 24 minutes - 33.3 MBA Lawyer can be the CISOs best friend and advocate for cybersecurity investments. Are you frustrated with a lawyers answer of, “it depends?” Lawyers have a different thought process than many CISOs when apply the law. Join this session from a notable cybersecurity lawyer as to the differences in language and how to best take advantage of the legal expertise available to support the mission. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://s...
CSP #80 - How to Talk With Your Lawyer - Mark Daryl Rasch
July 26, 2022 14:00 - 24 minutes - 33.3 MBA Lawyer can be the CISOs best friend and advocate for cybersecurity investments. Are you frustrated with a lawyers answer of, “it depends?” Lawyers have a different thought process than many CISOs when apply the law. Join this session from a notable cybersecurity lawyer as to the differences in language and how to best take advantage of the legal expertise available to support the mission. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://s...
CSP #79 - Insider's View of the CISO Search - Joyce Brocaglia
July 19, 2022 14:00 - 31 minutes - 43.4 MBCompanies clearly want to hire the best candidate for the CISO Role. Where best to learn, but from someone who has been successfully recruiting Security Leaders for over 35 years? Learn from the guidance Joyce provides to her clients when hiring for the CISO role. Joyce also discusses salaries, reporting relationships, and skills necessary today. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/07/...
Insider's View of the CISO Search - Joyce Brocaglia - CSP #79
July 19, 2022 14:00 - 31 minutes - 43.4 MBCompanies clearly want to hire the best candidate for the CISO Role. Where best to learn, but from someone who has been successfully recruiting Security Leaders for over 35 years? Learn from the guidance Joyce provides to her clients when hiring for the CISO role. Joyce also discusses salaries, reporting relationships, and skills necessary today. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/07/...
CSP #78 - Solarwinds From the Inside: The Breach and the Aftermath - Tim Brown
July 12, 2022 15:00 - 29 minutes - 41.1 MBThe Solarwinds breach raised the visibility of Software supply chain risks, as many organizations employ third party software with potential access to sensitive information. Join the CISO of Solarwinds as he discusses what happened during the attack, the lessons learned, the mitigations employed after the attack, and excellent, transparent actions for organizations to manage software development and distribution processes. Visit https://securityweekly.com/csp for all the latest episodes! ...
Solarwinds From the Inside: The Breach and the Aftermath - Tim Brown - CSP #78
July 12, 2022 15:00 - 29 minutes - 41.1 MBThe Solarwinds breach raised the visibility of Software supply chain risks, as many organizations employ third party software with potential access to sensitive information. Join the CISO of Solarwinds as he discusses what happened during the attack, the lessons learned, the mitigations employed after the attack, and excellent, transparent actions for organizations to manage software development and distribution processes. Visit https://securityweekly.com/csp for all the latest episodes! ...
CSP #77 - Protecting Your Intellectual Property - Michael Boucher
July 05, 2022 14:00 - 23 minutes - 31.9 MBAs CISOs embark on implementing an Intellectual Property protection effort, they are often met with resistance, being challenged as to the necessity of the effort. Join Michael as he shares his experience in winning the support for his efforts to properly classify and secure the information and systems. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/07/CISOSTORIES_MichaelBoucher_Article.pdf ...
Protecting Your Intellectual Property - Michael Boucher - CSP #77
July 05, 2022 14:00 - 23 minutes - 31.9 MBAs CISOs embark on implementing an Intellectual Property protection effort, they are often met with resistance, being challenged as to the necessity of the effort. Join Michael as he shares his experience in winning the support for his efforts to properly classify and secure the information and systems. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/07/CISOSTORIES_MichaelBoucher_Article.pdf ...
Achieving a Competitive Advantage Through Privacy By Design - Ann Cavoukian - CSP #76
June 28, 2022 14:00 - 22 minutes - 30.4 MBJoin the former Privacy Commissioner of Ontario, Canada and creator of PrivacyByDesign (PbD), translated into 40 languages and incorporated into General Data Protection Regulation (GDPR) and used by many organizations to proactively “bake-in” privacy into our systems. Every CISO needs to pay attention to and support the various country privacy laws. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/05...
CSP #76 - Achieving a Competitive Advantage Through Privacy By Design - Ann Cavoukian
June 28, 2022 14:00 - 22 minutes - 30.4 MBJoin the former Privacy Commissioner of Ontario, Canada and creator of PrivacyByDesign (PbD), translated into 40 languages and incorporated into General Data Protection Regulation (GDPR) and used by many organizations to proactively “bake-in” privacy into our systems. Every CISO needs to pay attention to and support the various country privacy laws. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/05...
CSP #75 - Attracting Talent Using The Nice Framework - Greg Witte
June 21, 2022 14:00 - 24 minutes - 33.6 MBAs your organization increases the cybersecurity talent to protect and defend the information assets, how do you know what skills are needed? What tasks are to be performed and what knowledge is necessary to perform these functions? The NIST NICE Framework helps define the job and assist the CISO in hiring as well as measuring the capability along the career path. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-conten...
Attracting Talent Using The Nice Framework - Greg Witte - CSP #75
June 21, 2022 14:00 - 24 minutes - 33.6 MBAs your organization increases the cybersecurity talent to protect and defend the information assets, how do you know what skills are needed? What tasks are to be performed and what knowledge is necessary to perform these functions? The NIST NICE Framework helps define the job and assist the CISO in hiring as well as measuring the capability along the career path. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-conten...
Where Should the CISO Report? Guess Again! - Stephen Fried - CSP #74
June 14, 2022 14:00 - 26 minutes - 35.8 MBWhere the CISO should report has been debated for many years, with the predominant view being “anywhere but the CIO”, while even in 2022, most CISOs are reporting to the CIO! Which reporting structure viewpoint is right? This podcast will examine the pros and cons of reporting to the CIO and other departments. Join Stephen as he shares his experience as a Former CISO for several large financial institutions, along with his current views. To view the article from the CISO COMPASS Book that ...
CSP #74 - Where Should the CISO Report? Guess Again! - Stephen Fried
June 14, 2022 14:00 - 26 minutes - 35.8 MBWhere the CISO should report has been debated for many years, with the predominant view being “anywhere but the CIO”, while even in 2022, most CISOs are reporting to the CIO! Which reporting structure viewpoint is right? This podcast will examine the pros and cons of reporting to the CIO and other departments. Join Stephen as he shares his experience as a Former CISO for several large financial institutions, along with his current views. To view the article from the CISO COMPASS Book that ...
Educating Senior Management in Cybersecurity - Edward Amoroso - CSP #73
June 07, 2022 14:00 - 26 minutes - 36.7 MBManaging cybersecurity defense inside an organization is an enormously complex endeavor, considering the interconnections, vendor relationships, cloud, and mobile proliferation of the data. While many of these computing technologies have a clear purpose and usefulness, many times organizations minimize the complexity when presenting to the Board. Should we? Join us as we discuss a different approach to better communications. To view the article from the CISO COMPASS Book that sparked this ...
CSP #73 - Educating Senior Management in Cybersecurity - Edward Amoroso
June 07, 2022 14:00 - 26 minutes - 36.7 MBManaging cybersecurity defense inside an organization is an enormously complex endeavor, considering the interconnections, vendor relationships, cloud, and mobile proliferation of the data. While many of these computing technologies have a clear purpose and usefulness, many times organizations minimize the complexity when presenting to the Board. Should we? Join us as we discuss a different approach to better communications. To view the article from the CISO COMPASS Book that sparked this ...
CSP #72 - Moving From a Techie to a CISO - Shaun Cavanaugh
May 31, 2022 14:00 - 28 minutes - 39.2 MBCareers can just happen, or they can be planned. Join us as we discuss making the decision to become a CISO and then taking the steps necessary to develop the skills to attain the job and thrive in the role. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_ShaunCavanaugh_Article.pdf Cavanaugh, S. 2019. From Techie to CISO – Identify Where you Want to Be and How to Get There. In CISO ...
Moving From a Techie to a CISO - Shaun Cavanaugh - CSP #72
May 31, 2022 14:00 - 28 minutes - 39.2 MBCareers can just happen, or they can be planned. Join us as we discuss making the decision to become a CISO and then taking the steps necessary to develop the skills to attain the job and thrive in the role. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_ShaunCavanaugh_Article.pdf Cavanaugh, S. 2019. From Techie to CISO – Identify Where you Want to Be and How to Get There. In CISO ...
CSP #71 - Women in Leadership - Stacy Mill
May 24, 2022 14:00 - 27 minutes - 37.4 MBThe cybersecurity field has traditionally been male dominated and there is clearly a desire to attract more women into the field. Join us as we discuss practical tips for women advancement to leadership positions, how to stand apart when climbing the leadership ladder, and advice for leading effective teams. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_StayMill_Article.pdf Mill, ...
Women in Leadership - Stacy Mill - CSP #71
May 24, 2022 14:00 - 27 minutes - 37.4 MBThe cybersecurity field has traditionally been male dominated and there is clearly a desire to attract more women into the field. Join us as we discuss practical tips for women advancement to leadership positions, how to stand apart when climbing the leadership ladder, and advice for leading effective teams. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_StayMill_Article.pdf Mill, ...
Establishing and Selling The Cost of Cybersecurity - Devon Bryan - CSP #70
May 17, 2022 14:00 - 27 minutes - 38.1 MBThe security spend is increasing year over year as hackers become more sophisticated, organized, and opportunistic. Join us as we discuss ways to determine and evaluate the cost of cybersecurity to ensure the organization is spending the appropriate amount to reduce the risk to an acceptable level. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_DevonBryan_Article.pdf Bryan, D. 2019...
CSP #70 - Establishing and Selling The Cost of Cybersecurity - Devon Bryan
May 17, 2022 14:00 - 27 minutes - 38.1 MBThe security spend is increasing year over year as hackers become more sophisticated, organized, and opportunistic. Join us as we discuss ways to determine and evaluate the cost of cybersecurity to ensure the organization is spending the appropriate amount to reduce the risk to an acceptable level. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_DevonBryan_Article.pdf Bryan, D. 2019...
CSP #69 - Deliver Your Board Message with Context and Confidence! - Jason Witty
May 10, 2022 14:00 - 22 minutes - 30.8 MBA key function of the CISO is to provide an accurate organizational picture of the risk the organization is currently accepting and communicate the strategy for enhancing the security maturity in support of the business goals. The way you prepare and communicate is just as important as the message. Join us as we discuss how to improve the delivery of the message. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content...
Deliver Your Board Message with Context and Confidence! - Jason Witty - CSP #69
May 10, 2022 14:00 - 22 minutes - 30.8 MBA key function of the CISO is to provide an accurate organizational picture of the risk the organization is currently accepting and communicate the strategy for enhancing the security maturity in support of the business goals. The way you prepare and communicate is just as important as the message. Join us as we discuss how to improve the delivery of the message. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content...
Using Security Metrics as a Shared Goal With Developers - Caroline Wong - CSP #68
May 03, 2022 14:00 - 25 minutes - 34.6 MBSecurity metrics are often a struggle to establish by security departments. These metrics may be taking too narrow of a view, whereby metrics visible and embraced by other areas can improve the security program success. Join us as we discuss these metrics. Additionally, Caroline is graciously offering her Linkedin metrics course focused on establishing objectives and measuring progress towards the objectives, to CISO STORIES listeners at no cost at https://www.linkedin.com/learning/learni...
CSP #68 - Using Security Metrics as a Shared Goal With Developers - Caroline Wong
May 03, 2022 14:00 - 25 minutes - 34.6 MBSecurity metrics are often a struggle to establish by security departments. These metrics may be taking too narrow of a view, whereby metrics visible and embraced by other areas can improve the security program success. Join us as we discuss these metrics. Additionally, Caroline is graciously offering her Linkedin metrics course focused on establishing objectives and measuring progress towards the objectives, to CISO STORIES listeners at no cost at https://www.linkedin.com/learning/learni...
Keeping Up with the Jones when Your Neighbors Are Bad Actors - Jason Taule - CSP #67
April 26, 2022 14:00 - 25 minutes - 35.6 MBOrganizations want to know, how are we doing with respect to security? Companies can accept risks they are aware of, and don’t want to outspend the competitors with the industry vertical. They also need a way to understand and benchmark the effectiveness of the security program. Join us as we discuss how to ensure the threats are being evaluated. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022...
CSP #67 - Keeping Up with the Jones when Your Neighbors Are Bad Actors - Jason Taule
April 26, 2022 14:00 - 25 minutes - 35.6 MBOrganizations want to know, how are we doing with respect to security? Companies can accept risks they are aware of, and don’t want to outspend the competitors with the industry vertical. They also need a way to understand and benchmark the effectiveness of the security program. Join us as we discuss how to ensure the threats are being evaluated. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022...
Get Ready: 4 Generations Are Returning to The Office! - Caitlin McGaw - CSP #66
April 19, 2022 14:00 - 25 minutes - 35.4 MBWe have four generations predominantly in the workforce today, boomers, generation X, Millennials, and Generation Z. Each generation was influenced by different world events, shaping values towards work, family, and technology. The past few years have brought a changing view towards work, with remote and hybrid working. Join us as we discuss these challenges. McGaw, C. 2019. Optimizing Four Generations in The Workforce. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges wi...
CSP #66 - Get Ready: 4 Generations Are Returning to The Office! - Caitlin McGaw
April 19, 2022 14:00 - 25 minutes - 35.4 MBWe have four generations predominantly in the workforce today, boomers, generation X, Millennials, and Generation Z. Each generation was influenced by different world events, shaping values towards work, family, and technology. The past few years have brought a changing view towards work, with remote and hybrid working. Join us as we discuss these challenges. McGaw, C. 2019. Optimizing Four Generations in The Workforce. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges wi...
CSP #65 - Control Frameworks Are There For A Reason - Philip Agcaoili
April 12, 2022 14:00 - 32 minutes - 45.2 MBIn addition to serving as a CISO for several large companies, Phil was instrumental in co-founding the Cloud Security Alliance (CSA) and creating the Cloud Controls Matrix (CCM) to identify what standards from the many frameworks such as NIST, ISO27000, COBIT, HIPAA, PCIDSS, etc. would be applicable to the cloud environment. Join Phil as he discusses his view of these frameworks and his approach to security today. To view the article from the CISO COMPASS Book that sparked this intervi...
Control Frameworks Are There For A Reason - Philip Agcaoili - CSP #65
April 12, 2022 14:00 - 32 minutes - 45.2 MBIn addition to serving as a CISO for several large companies, Phil was instrumental in co-founding the Cloud Security Alliance (CSA) and creating the Cloud Controls Matrix (CCM) to identify what standards from the many frameworks such as NIST, ISO27000, COBIT, HIPAA, PCIDSS, etc. would be applicable to the cloud environment. Join Phil as he discusses his view of these frameworks and his approach to security today. To view the article from the CISO COMPASS Book that sparked this intervi...
CSP #64 - Change Controls Are More Necessary Than Ever - Rebecca Herold
April 05, 2022 14:00 - 26 minutes - 35.8 MBOrganizations are developing technology at a rapid pace today to maintain business relevance and adapt to changing conditions. Rebecca talks about the importance of ensuring change control is implemented and the real impacts if not implemented correctly. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/12/CISOSTORIES_Rebecca_Herold_Article.pdf Herold, R. 2019 Change Controls Are More Nece...
Change Controls Are More Necessary Than Ever - Rebecca Herold - CSP #64
April 05, 2022 14:00 - 26 minutes - 35.8 MBOrganizations are developing technology at a rapid pace today to maintain business relevance and adapt to changing conditions. Rebecca talks about the importance of ensuring change control is implemented and the real impacts if not implemented correctly. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/12/CISOSTORIES_Rebecca_Herold_Article.pdf Herold, R. 2019 Change Controls Are More Nece...
Determining Cyber Risk Appetite With the Board - Adel Melek - CSP #63
March 29, 2022 14:00 - 30 minutes - 41.5 MBOne of the most important and impactful tasks of the CISO is presenting to the Board of Directors and Senior Management. The Board needs to have the confidence the CISO is able to determine risk and provide recommendations of cost-effective business-oriented solutions. Listen to Adel as he shares his experience in working with many organizations to reduce risk. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-conte...
CSP #63 - Determining Cyber Risk Appetite With the Board - Adel Melek
March 29, 2022 14:00 - 30 minutes - 41.5 MBOne of the most important and impactful tasks of the CISO is presenting to the Board of Directors and Senior Management. The Board needs to have the confidence the CISO is able to determine risk and provide recommendations of cost-effective business-oriented solutions. Listen to Adel as he shares his experience in working with many organizations to reduce risk. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-conte...
CISO Priorities 2022 - CSP #62
March 22, 2022 14:00 - 1 hour - 85.3 MBFor security leaders, it can be hard to catch a break when faced with the increasingly challenging task of defending their organizations from evolving threats while simultaneously fighting the battle of the budget in an effort to do more with less. What issues should CISOs be prioritizing, and how can they get the most bang for their buck with regard to minimizing potential risks and maximizing potential outcomes? CISO Stories Podcast hosts Sam Curry, CSO at Cybereason, and Todd Fitzgerald, ...
CSP #62 - CISO Priorities 2022
March 22, 2022 14:00 - 1 hour - 85.3 MBFor security leaders, it can be hard to catch a break when faced with the increasingly challenging task of defending their organizations from evolving threats while simultaneously fighting the battle of the budget in an effort to do more with less. What issues should CISOs be prioritizing, and how can they get the most bang for their buck with regard to minimizing potential risks and maximizing potential outcomes? CISO Stories Podcast hosts Sam Curry, CSO at Cybereason, and Todd Fitzgerald, ...
CSP #61 - Why Are We Still Failing at Security? - Wayman Cummings
March 15, 2022 16:00 - 13 minutes - 18.4 MBWhy are we failing at security, and will we ever graduate from Cyber-Kindergarten? The industry has arguably made a lot of progress over the last three decades, yet the attackers still enjoy a distinct advantage. Wayman Cummings, VP of Security Operations at Unisys, joins the podcast to discuss how industry stagnation impacts the security for our critical infrastructure when that rises to the level of national security, what value true public-private partnerships can bring, and more… S...