![CISO Tradecraft® artwork](https://is5-ssl.mzstatic.com/image/thumb/Podcasts124/v4/b2/81/6d/b2816d1c-72d8-d268-25d7-dc134139304f/mza_10521602003510997745.jpg/100x100bb.jpg)
#149 - Board Perspectives
CISO Tradecraft®
English - October 02, 2023 08:00 - 43 minutes - 39.7 MB - ★★★★★ - 46 ratings - Technology
On this episode, we discuss the four key roles Boards play in cybersecurity:
Setting the company's vision and risk strategy
Reviewing assessment results
Evaluating management cyber risk stance
Approving risk management plans
Big thanks to our sponsor:
Risk3Sixty - https://risk3sixty.com/whitepaper/
Transcripts - https://docs.google.com/document/d/1jarCcQYioT59jtIrppH4xZqyAy4Vn_tB/
Chapters
00:00 Introduction
01:36 What is a Board of Directors and what do they do?
09:33 FFIEC requirements for Boards
16:51 Establishing an Information Security Culture
19:08 Vision and Risk Appetite
22:00 Reviewing Cyber Assessments
25:09 Are we secure?
32:44 Castle Walls and Attacks
33:37 Getting your budget requests approved
37:10 Using use-or-lose money and reserved funding