CISO Tradecraft®
286 episodes - English - Latest episode: 6 days ago - ★★★★★ - 46 ratingsWelcome to CISO Tradecraft®, your guide to mastering the art of being a top-tier Chief Information Security Officer (CISO). Our podcast empowers you to elevate your information security skills to an executive level. Join us on this journey through the domains of effective CISO leadership.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
#188 - Securing Small Businesses
July 08, 2024 10:00 - 25 minutes - 23.3 MBSecuring Small Businesses: Essential Cybersecurity Tools and Strategies In this episode of CISO Tradecraft, host G Mark Hardy discusses cybersecurity challenges specific to small businesses. He provides insights into key tools and strategies needed for effective cybersecurity management in small enterprises, including endpoint management, patch management, EDR tools, secure web gateways, IAM solutions, email security gateways, MDR services, and password managers. Hardy also evaluates these t...
#187 - Ensuring Profitable Growth
June 24, 2024 10:00 - 20 minutes - 18.7 MBWelcome to another episode of CISO Tradecraft with your host, G. Mark Hardy! In this episode, we dive into how CISOs can drive the profitable growth of their company's products and services. Breaking the traditional view of security as a cost center, Mark illustrates ways CISOs can support business objectives like customer outreach, service enablement, operational resilience, and cost reduction. Tune in for insightful strategies to improve your impact as a cybersecurity leader and a sneak pe...
#186 - AI Coaching (with Tom Bendien)
June 17, 2024 10:00 - 44 minutes - 40.9 MBExploring AI in Cybersecurity: Insights from an Expert - CISO Tradecraft with Tom Bendien In this episode of CISO Tradecraft, host G Mark Hardy sits down with AI expert Tom Bendien to delve into the impact of artificial intelligence on cybersecurity. They discuss the basics of AI, large language models, and the differences between public and private AI models. Tom shares his journey from New Zealand to the U.S. and how he became involved in AI consulting. They also cover the importance of ed...
#185 - Ethics and Artificial Intelligence (AI)
June 10, 2024 10:00 - 46 minutes - 42.7 MBIn this episode of CISO Tradecraft, host G Mark Hardy delves into the complex intersection of ethics and artificial intelligence. The discussion covers the seven stages of AI, from rule-based systems to the potential future of artificial superintelligence. G Mark explores ethical frameworks, such as rights-based ethics, justice and fairness, utilitarianism, common good, and virtue ethics, and applies them to AI development and usage. The episode also highlights ethical dilemmas, including pr...
#184 - Complexity is Killing Us
June 03, 2024 10:00 - 15 minutes - 14.4 MBIn this episode of CISO Tradecraft, host G Mark Hardy explores the challenges complexity introduces to cybersecurity, debunking the myth that more complex systems are inherently more secure. Through examples ranging from IT support issues to the intricacies of developing a web application with Kubernetes, the discussion highlights how complexity can obscure vulnerabilities, increase maintenance costs, and expand the attack surface. The episode also offers strategies to tackle complexity, inc...
#183 - Navigating the Cloud Security Landscape (with Chris Rothe)
May 27, 2024 10:00 - 44 minutes - 40.7 MBThis episode of CISO Tradecraft features a conversation between host G. Mark Hardy and Chris Rothe, co-founder of Red Canary, focusing on cloud security, managed detection and response (MDR) services, and the evolution of cybersecurity practices. They discuss the genesis of Red Canary, the significance of their company name, and the distinctions between Managed Security Service Providers (MSSPs) and MDRs. The conversation also covers the importance of cloud security, the challenges of securi...
#182 - Shaping the SOC of Tomorrow (with Debbie Gordon)
May 20, 2024 10:00 - 44 minutes - 40.8 MBThis episode of CISO Tradecraft, hosted by G Mark Hardy, features special guest Debbie Gordon. The discussion focuses on the critical role of Security Operations Centers (SOCs) in an organization's cybersecurity efforts, emphasizing the importance of personnel, skill development, and maintaining a high-performing team. It covers the essential aspects of building and managing a successful SOC, from hiring and retaining skilled incident responders to measuring their performance and productivit...
#181 - Inside the 2024 Verizon Data Breach Investigations Report
May 13, 2024 10:00 - 24 minutes - 22.6 MBIn this episode of CISO Tradecraft, host G Mark Hardy discusses the findings of the 2024 Verizon Data Breach Investigations Report (DBIR), covering over 10,000 breaches. Beginning with a brief history of the DBIR's inception in 2008, Hardy highlights the evolution of cyber threats, such as the significance of patching vulnerabilities and the predominance of hacking and malware. The report identifies the top methods bad actors use for exploiting companies, including attacking VPNs, desktop sh...
#180 - There's Room For Everybody In Your Router (with Giorgio Perticone)
May 06, 2024 11:43 - 1 hour - 61.3 MBIn this joint episode of the Security Break podcast and CISO Tradecraft podcast, hosts from both platforms come together to discuss a variety of current cybersecurity topics. They delve into the challenge of filtering relevant information in the cybersecurity sphere, elaborate on different interpretations of the same news based on the reader's background, and share a detailed analysis on specific cybersecurity news stories. The discussion covers topics such as the implications of data sharin...
#179 - The 7 Broken Pillars of Cybersecurity
April 29, 2024 10:00 - 32 minutes - 29.3 MBIn this episode of CISO Tradecraft, host G. Mark Hardy discusses seven critical issues facing the cybersecurity industry, offering a detailed analysis of each problem along with counterarguments. The concerns range from the lack of a unified cybersecurity license, the inefficiency and resource waste caused by auditors, to the need for a federal data privacy law. Hardy emphasizes the importance of evaluating policies, prioritizing effective controls, and examining current industry practices. ...
#178 - Cyber Threat Intelligence (with Jeff Majka & Andrew Dutton)
April 22, 2024 10:00 - 45 minutes - 41.8 MBIn this episode of CISO Tradecraft, hosts G Mark Hardy and guests Jeff Majka and Andrew Dutton discuss the vital role of competitive threat intelligence in cybersecurity. They explore how Security Bulldog's AI-powered platform helps enterprise cybersecurity teams efficiently remediate vulnerabilities by processing vast quantities of data, thereby saving time and enhancing productivity. The conversation covers the importance of diverse threat intelligence sources, including open-source intell...
#177 - 2024 CISO Mindmap (with Rafeeq Rehman)
April 15, 2024 10:00 - 46 minutes - 42.5 MBThis episode of CISO Tradecraft features a comprehensive discussion between host G Mark Hardy and guest Rafeeq Rehman, centered around the evolving role of CISOs, the impact of Generative AI, and strategies for effective cybersecurity leadership. Rafeeq shares insights on the CISO Mind Map, a tool for understanding the breadth of responsibilities in cybersecurity leadership, and discusses various focal areas for CISOs in 2024-2025, including the cautious adoption of Gen AI, tool consolidatio...
#176 - Reality-Based Leadership (with Alex Dorr)
April 08, 2024 10:00 - 47 minutes - 43.8 MBIn this episode of CISO Tradecraft, host G Mark Hardy welcomes Alex Dorr to discuss Reality-Based Leadership and its impact on reducing workplace drama and enhancing productivity. Alex shares his journey from professional basketball to becoming an evangelist of reality-based leadership, revealing how this approach helped him personally and professionally. They delve into the concepts of SBAR (Situation, Background, Analysis, Recommendation) for effective communication, toggling between low s...
#175 - Navigating NYDFS Cyber Regulation
April 01, 2024 10:00 - 33 minutes - 30.6 MBThis episode of CISO Tradecraft dives deep into the New York Department of Financial Services Cybersecurity Regulation, known as Part 500. Hosted by G Mark Hardy, the podcast outlines the significance of this regulation for financial services companies and beyond. Hardy emphasizes that Part 500 serves as a high-level framework applicable not just in New York or the financial sector but across various industries globally due to its comprehensive cybersecurity requirements. The discussion incl...
#174 - OWASP Top 10 Web Application Attacks
March 25, 2024 10:00 - 44 minutes - 40.6 MBIn this episode of CISO Tradecraft, host G. Mark Hardy delves into the crucial topic of the OWASP Top 10 Web Application Security Risks, offering insights on how attackers exploit vulnerabilities and practical advice on securing web applications. He introduces OWASP and its significant contributions to software security, then progresses to explain each of the OWASP Top 10 risks in detail, such as broken access control, injection flaws, and security misconfigurations. Through examples and rec...
#173 - Mastering Vulnerability Management
March 18, 2024 10:00 - 22 minutes - 20.4 MBIn this episode of CISO Tradecraft, host G Mark Hardy delves into the critical subject of vulnerability management for cybersecurity leaders. The discussion begins with defining the scope and importance of vulnerability management, referencing Park Foreman's comprehensive approach beyond mere patching, to include identification, classification, prioritization, remediation, and mitigation of software vulnerabilities. Hardy emphasizes the necessity of a strategic vulnerability management progr...
#172 - Table Top Exercises
March 11, 2024 10:00 - 41 minutes - 38.1 MBThis episode of CISO Tradecraft, hosted by G Mark Hardy, delves into the concept, significance, and implementation of tabletop exercises in improving organizational security posture. Tabletop exercises are described as invaluable, informal training sessions that simulate hypothetical situations allowing teams to discuss and plan responses, thereby refining incident response plans and protocols. The podcast covers the advantages of conducting these exercises, highlighting their cost-effective...
#171 - Navigating Software Supply Chain Security (with Cassie Crossley)
March 04, 2024 11:00 - 46 minutes - 43 MBIn this episode of CISO Tradecraft, host G Mark Hardy converses with Cassie Crossley, author of the book on software supply chain security. Hardy explores the importance of cybersecurity, the structure of software supply chains, and the potential risks they pose. Crossley shares her expert insights on different software source codes and the intricacies of secure development life cycle. She highlights the significance of Software Bill of Materials (SBOM) and the challenges in maintaining the ...
#170 - Responsibility, Accountability, and Authority
February 26, 2024 11:00 - 46 minutes - 42.8 MBIn this episode of CISO Tradecraft, the host, G Mark Hardy, delves into the concepts of responsibility, accountability, and authority. These are considered critical domains in any leadership position but are also specifically applicable in the field of cybersecurity. The host emphasizes the need for a perfect balance between these areas to avoid putting one in a scapegoat position, which is often common for CISOs. Drawing on his military and cybersecurity experiences, he provides insights in...
#169 - MFA Mishaps
February 19, 2024 11:00 - 33 minutes - 30.5 MBIn this episode of CISO Tradecraft, host G Mark Hardy discusses various mishaps that can occur with Multi-Factor Authentication (MFA) and how these can be exploited by attackers. The talk covers several scenarios such as the misuse of test servers, bypassing of MFA via malicious apps and phishing scams, violation of the Illinois Biometric Information Protection Act by using biometric data without proper consent, and potential future legal restrictions on biometric data usage. G Mark also hig...
#168 - Cybersecurity First Principles (with Rick Howard)
February 12, 2024 11:00 - 47 minutes - 43.2 MBIn this episode of CISO Tradecraft, host G Mark Hardy is joined by special guest Rick Howard, Chief Security Officer, Chief Analyst and Senior Fellow at CyberWire. Rick shares his insights on first principles in cybersecurity, discussing how these form the foundations of any cybersecurity strategy. He emphasizes the importance of understanding materiality and integrating the concept of time bound risk assessment to achieve a resilient cybersecurity environment. The episode also delves into t...
#167 - Cybersecurity Apprenticeships (with Craig Barber)
February 05, 2024 11:00 - 44 minutes - 40.9 MBIn this episode of CISO Tradecraft, host G Mark Hardy is joined by guest Craig Barber, the Chief Information Security Officer at SugarCRM. They discuss the increasingly critical topic of cybersecurity apprenticeships and Craig shares his personal journey from technical network engineer to CISO. They delve into the benefits of apprenticeships for both the individual and the organization, drawing parallels with guilds and trade schools of the past and incorporating real-world examples. They al...
#166 - Cyber Acronyms You Should Know
January 29, 2024 11:00 - 38 minutes - 35.5 MBThis video introduces a newly proposed acronym in the world of cybersecurity known as the 'Cyber UPDATE'. The acronym breaks down into Unchanging, Perimeterizing, Distributing, Authenticating and Authorizing, Tracing, and Ephemeralizing. The video aims to explain each component of the acronym and its significance in enhancing cybersecurity. References: https://www.watchguard.com/wgrd-news/blog/decrypting-cybersecurity-acronyms-0 https://computerhistory.org/profile/john-mccarthy/ https:/...
#165 - Modernizing Our SOC Ingest (with JP Bourget)
January 22, 2024 11:00 - 44 minutes - 40.9 MBIn this episode of CISO Tradecraft, host G Mark Hardy interviews JP Bourget about the security data pipeline and how modernizing SOC ingest can improve efficiency and outcomes. Featuring discussions on cybersecurity leadership, API integrations, and the role of AI and advanced model learning in future data lake architectures. They discuss how vendor policies can impact data accessibility. They also reflect on their shared Buffalo roots and because their professional journeys. Tune in for val...
#164 - The 7 Lies in Cyber
January 15, 2024 11:00 - 29 minutes - 26.6 MBIn this episode of CISO Tradecraft, we debunk seven common lies pervasive in the cybersecurity industry. From the fallacy of achieving a complete inventory before moving onto other controls, the misconception about the accuracy of AppSec tools, to the fear of being viewed as a cost center - we delve deep into these misconceptions, elucidating their roots and impacts. We also discuss how ISO and FAIR, audits and certifications, risk assessments, and mandatory cyber incident reporting may not ...
#163 - Operational Resilience
January 08, 2024 11:00 - 23 minutes - 21.2 MBJoin G Mark Hardy in this episode of the CISO Tradecraft podcast where he details how cyber protects revenue. He clarifies how cybersecurity is seen as a cost center by most organizations, but stresses how it can become a protector of business profits. Concepts like Operational Resilience Framework (ORF) Version 2 by the Global Resilience Federation are discussed in depth. Hardy also outlines seven steps from ORF to operational resilience including implementing industry-recognized frameworks...
#162 - CISO Predictions for 2024
January 01, 2024 11:00 - 42 minutes - 39.3 MBLooking for accurate predictions on what 2024 holds for cybersecurity? Tune into our latest episode of CISO Tradecraft for intriguing insights and industry trends. Listen now and boost your cybersecurity knowledge! Earn CPEs: https://www.cisotradecraft.com/isaca Transcripts: https://docs.google.com/document/d/11YX2bjhIVThSNPF6yEKaNWECErxjWA-R Chapters 00:00 Introduction 02:11 1) CISOs flock to buy private liability and D&O insurance. It also becomes the norm for CISO hiring agreements...
#161 - Secure Developer Training Programs (with Scott Russo) Part 2
December 25, 2023 11:00 - 45 minutes - 41.5 MBIn the second half of the discussion about secure developer training programs, G Mark Hardy and Scott Russo delve deeper into how to engineer an effective cybersecurity course. They discuss the importance and impact of automation and shifting left, the customization needed for different programming languages and practices, and the role of gamification in engagement and learning. The conversation also touches upon anticipating secular trends, compliance with privacy and data protection regula...
#160 - Secure Developer Training Programs (with Scott Russo) Part 1
December 18, 2023 11:00 - 42 minutes - 38.8 MBIn this episode of CISO Tradecraft, host G Mark Hardy invites Scott Russo, a cybersecurity and engineering expert for a deep dive into the creation and maintenance of secure developer training programs. Scott discusses the importance of hands-on engaging training and the intersection of cybersecurity with teaching and mentorship. Scott shares his experiences building a secure developer training program, emphasizing the importance of gamification, tiered training, showmanship, and real-world ...
#159 - Refreshing Your Cybersecurity Strategy
December 11, 2023 11:00 - 23 minutes - 21.5 MBIn this episode of CISO Tradecraft, host G. Mark Hardy guides listeners on how to refresh their cybersecurity strategy. Starting with the essential assessments on the current state of your security, through to the creation of a comprehensive, one-page cyber plan. The discussion covers different approaches to upskilling the workforce, tools utilization, vulnerability management, relevant regulations, and selecting the best solution for your specific needs. The show also includes tips on build...
#158 - Building a Data Security Lake (with Noam Brosh)
December 04, 2023 11:00 - 43 minutes - 40.4 MBDiscover the key to a more effective cybersecurity strategy in the newest episode of CISO Tradecraft! We're talking SOC tools, building a data lake for security, and more with guest Noam Brosh of Hunters. Don't miss it! Big Thanks to our Sponsors Risk3Sixty - https://risk3sixty.com/ Hunters - https://www.hunters.security/ Noam Brosh - https://www.linkedin.com/in/noam-brosh-5743938/ Transcripts: https://docs.google.com/document/d/1ArTixgEvRsVpLVdV2uVFAKCKSB2mBUKo Youtube Link: https:/...
#157 - SOC Skills Part 2 (with Hasan Eksi)
November 27, 2023 09:00 - 36 minutes - 33.2 MBIn this episode of CISO Tradecraft, G Mark Hardy and Hasan Eksi from CyberNow Labs continue the discussion about the vital skills needed for an effective incident responder within a Security Operations Center (SOC). The skills highlighted in this episode include: incident triage, incident response frameworks, communication, collaboration, documentation, memory analysis, incident containment and eradication, scripting and automation, cloud security, and crisis management. Big Thanks to our S...
#157 - SOC Skills (with Hasan Eksi) Part 2
November 27, 2023 09:00 - 36 minutes - 33.2 MBIn this episode of CISO Tradecraft, G Mark Hardy and Hasan Eksi from CyberNow Labs continue the discussion about the vital skills needed for an effective incident responder within a Security Operations Center (SOC). The skills highlighted in this episode include: incident triage, incident response frameworks, communication, collaboration, documentation, memory analysis, incident containment and eradication, scripting and automation, cloud security, and crisis management. Big Thanks to our S...
#156 - SMB CISO Challenges (with Kevin O’Connor)
November 20, 2023 09:00 - 43 minutes - 39.9 MBIn this episode of CISO Tradecraft, host G Mark Hardy talks to Kevin O'Connor, the Director of Threat Research at Adlumin. They discuss the importance of comprehensive cybersecurity for Small to Medium-sized Businesses (SMBs), including law firms and mid-sized banks. The conversation explores the complexities of managing security infrastructures, the role of managed security service providers, and the usefulness of managed detection and response systems. The discussion also delves into the i...
#155 - SOC Skills Part 1 (with Hasan Eksi)
November 13, 2023 09:00 - 43 minutes - 40 MBIn this episode of CISO Tradecraft we have a detailed conversation with Hasan Eksi from CyberNow Labs. G Mark and Hasan discuss the top 20 skills required by incident responders, covering the first 10 in part 1 of this series. The discussion ranges from understanding cybersecurity fundamentals to incident detection, threat intelligence, and malware analysis. This episode aims to enhance listeners' understanding of incident response, its significance, the skills required, and strategies for e...
#155 - SOC Skills (with Hasan Eksi) Part 1
November 13, 2023 09:00 - 43 minutes - 40 MBIn this episode of CISO Tradecraft we have a detailed conversation with Hasan Eksi from CyberNow Labs. G Mark and Hasan discuss the top 20 skills required by incident responders, covering the first 10 in part 1 of this series. The discussion ranges from understanding cybersecurity fundamentals to incident detection, threat intelligence, and malware analysis. This episode aims to enhance listeners' understanding of incident response, its significance, the skills required, and strategies for e...
#154 - Data Protection (with Amer Deeba)
November 06, 2023 09:00 - 41 minutes - 38.1 MBIn this episode of CISO Tradecraft, host G Mark Hardy welcomes special guest Amer Deeba, CEO and co-founder of Normalyze. They focus on the importance of data security in today's cloud-centric, multi-platform tech environment. Amer shares valuable insights on the need for a data security platform that offers a unified, holistic approach. The conversation also delves into the importance of understanding the value of your data, and how solutions such as Normalyze can accurately identify and cl...
#153 - Game-Based Learning (with Andy Serwin & Eric Basu)
October 30, 2023 08:00 - 46 minutes - 42.4 MBOn this episode we talk about the differences between Gamification and Game-Based Learning. We think you will enjoy hearing how Game-Based learning gets folks into the flow and creates novel training that resonates. We also have a great discussion on how games can be applicable for Board Members and Techies. You just need to get the right type of game for the right audience and let the magic happen. Big Thanks to our Sponsors Haiku - https://www.haikuinc.io/ Risk3Sixty - https://risk3si...
#152 - Speak My Language (with Andrew Chrostowski)
October 23, 2023 08:00 - 45 minutes - 41.4 MBLearn the language of the board with Andrew Chrostowski. In this episode we discuss the 3 major risk categories of opportunity risk, cybersecurity risk and complex systems. We highlight intentional deficit and what to do about it. Finally, don't miss the part where we talk about the time for a digital strategy is past. What is needed today is a comprehensive strategy for a world of digital opportunities and existential cyber risks. Big thanks to our sponsor: Risk3Sixty - https://risk3sixty...
#151 - Cyber War
October 16, 2023 08:00 - 45 minutes - 42.1 MBOn this episode we do a master class on cyber warfare. Learn the terminology. Learn the differences and similarities between kinetic and cyber warfare. There's a lot of interesting discussion, so check it out. Big thanks to our sponsor: Risk3Sixty - https://risk3sixty.com/whitepaper/ Transcripts https://docs.google.com/document/d/1yJYoVs3pO4u_Zq8UC8YQmnYVGrsH93-H Air Force Doctrine Publication 3-0 - Operations and Planning https://www.doctrine.af.mil/Portals/61/documents/AFDP_3-0/3-0-D...
#150 - Measuring Results
October 09, 2023 08:00 - 17 minutes - 16.3 MBOn this episode we discuss the measuring results cheat sheet from Justin Mecham. Key focuses include: Defining SMART Goals (Specific, Measurable, Achievable, Relevant, & Time-Bound) Identifying KPIs (Key Performance Indicators) Using the WOOP Model (Wish, Outcome, Obstacle, and Plan) Using a Gap Analysis Using the 5 Why Method Using Plan, Do, Check, & Act. Link to the Measuring Results Cheat Sheet https://www.linkedin.com/posts/justinmecham_harvard-says-leaders-are-10x-more-likely-ac...
#149 - Board Perspectives
October 02, 2023 08:00 - 43 minutes - 39.7 MBOn this episode we discuss the four key roles Boards play in cybersecurity. Setting the company's vision and risk strategy Reviewing assessment results Evaluating management cyber risk stance Approving risk management plans Big thanks to our sponsor: Risk3Sixty - https://risk3sixty.com/whitepaper/ Transcripts - https://docs.google.com/document/d/1jarCcQYioT59jtIrppH4xZqyAy4Vn_tB/ Chapters 00:00 Introduction 01:36 What is a Board of Directors and what do they do? 09:33 FFIEC req...
#148 - Threat Modeling (with Adam Shostack)
September 25, 2023 08:00 - 37 minutes - 34.6 MBOn this episode we bring on the leading expert of threat modeling (Adam Shostack) to discuss the four questions that every team should ask: What are we working on? What can go wrong? What are we going to do about it? Did we do a good enough job? Big thanks to our sponsor: Risk3Sixty - https://risk3sixty.com/whitepaper/ Adam Shostack's LinkedIn Profile - https://www.linkedin.com/in/shostack/ Learn more about threat modeling by checking out Adam's books on threat modeling Threats: What...
#147 - Betting on MFA
September 18, 2023 08:00 - 42 minutes - 39.3 MBThere's a lot of new cyber attacks occurring and today we are going to talk about them in more detail. Many bad actors are using SMS spoofing and Social Engineering to get in. Listen in an learn about how those attacks played out against the casino industry. You don't want to miss when we share what you can do to stop them. Pro-tip: Good MFA is your friend. Use it everywhere you can including on your employees and customers during phone calls. Big Thanks to our Sponsor Risk3Sixty - h...
#146 - Living in a Materiality World
September 11, 2023 08:00 - 42 minutes - 38.7 MBHave you ever thought about what does it mean to say there has been a material incident? How is materiality determined? What is the history of how that term has been defined by U.S. Regulators. Listen to today's show and increase your CISO Tradecraft Big Thanks to our Sponsors Risk3Sixty - https://risk3sixty.com/whitepaper/ CPRIME - For those valuing leadership, policy, and governance in tech risk and security, Cprime is here to help. Enhance your skills with our training and workshops, ...
#145 - The Cost of Cyber Defense
September 04, 2023 08:00 - 35 minutes - 33 MBOn this episode we overview the CIS Document titled, "The Cost of Cyber Defense". https://www.cisecurity.org/insights/white-papers/the-cost-of-cyber-defense-cis-controls-ig1 Big Thanks to our Sponsors Risk3Sixty - https://risk3sixty.com/whitepaper/ CPRIME - For those valuing leadership, policy, and governance in tech risk and security, Cprime is here to help. Enhance your skills with our training and workshops, ensuring effective policy design and strategy alignment. As a tech coaching ...
#144 - Handling Regulatory Change
August 28, 2023 08:00 - 24 minutes - 22.1 MBIn this episode of CISO Tradecraft, we delve into the evolving landscape of cybersecurity regulations. From data incident notifications to required contract language, we uncover common trends and compliance challenges. Learn how to prepare, adapt, and network within your industry to stay ahead. Tune in for insights and tips! Thanks again to our Sponsors for supporting this episode: Risk3Sixty: Check out Risk3Sixty's weekly thought leadership webinars and downloadable resources at https://r...
#143 - Authentication, Rainbow Tables, and Password Managers
August 21, 2023 08:00 - 45 minutes - 41.6 MBHere's a nice overview of cybersecurity on passwords, authentication, rainbow tables, and password managers. Enjoy the show and check out our other podcasts. Special Thanks to our Sponsors: Risk3Sixty: Being able to clearly articulate your vision for your security program to the board and other executives within your firm is critical to obtaining the buy in you need for your program's success. Risk3Sixty has created a presentation template that helps you structure your thoughts while telli...
#142 - Powerful Questions
August 14, 2023 08:00 - 33 minutes - 31.2 MBJoin us at the heart of Hacker Summer Camp for insights into the cybersecurity world! Discover the art of asking powerful questions that can change your career and impact others. Learn how CISOs assess cyber solutions and how startups can win their attention. Uncover the secrets of building connections and value through meaningful inquiries. Don't miss this episode featuring expert advice on navigating the cybersecurity landscape. Special Thanks to our Sponsors: The Chertoff Group: https:/...
#141 - Emerging Risks (with The Chertoff Group)
August 07, 2023 08:00 - 41 minutes - 38 MBOn this episode, David London and Adam Isles from the Chertoff Group stop by to discuss emerging risk topics such as AI, Supply Chain Attacks, and the new SEC regulations. Stick around and learn the tradecraft to better protect your company. Special Thanks to our Sponsors: The Chertoff Group: https://www.chertoffgroup.com.Note you can read more about their thoughts on AI here: https://www.chertoffgroup.com/managing-ai-risks/ Prelude: https://www.preludesecurity.com/ CPrime: At work, brid...