CISO Tradecraft®

286 episodes - English - Latest episode: 7 days ago - ★★★★★ - 46 ratings

Welcome to CISO Tradecraft®, your guide to mastering the art of being a top-tier Chief Information Security Officer (CISO). Our podcast empowers you to elevate your information security skills to an executive level. Join us on this journey through the domains of effective CISO leadership.

Technology

Episodes

#92 - Updating the Executive Leadership Team on Cyber

August 22, 2022 11:19 - 26 minutes - 36.1 MB

Show Notes Hello, and welcome to another episode of CISO Tradecraft -- the podcast that provides you with the information, knowledge, and wisdom to be a more effective cyber security leader.  My name is G. Mark Hardy, and today we're going to offer tips and tools for briefing your executive leadership team, including the four major topics that you need to cover.  As always, please follow us on LinkedIn, and make sure you subscribe so you can always get the latest updates. Imagine you have ...

#91 - Hacker Summer Camp

August 15, 2022 23:04 - 32 minutes - 44.4 MB

On this episode you can hear the tale of three conferences.  Listen and learn about the history of BSides, Black Hat, and DEF CON.  Learn what makes these conferences special and enjoy some of the untold history of each conference.  

#90 - A CISO’s Guide to Pentesting

August 08, 2022 08:05 - 16 minutes - 22 MB

A CISO’s Guide to Pentesting References https://en.wikipedia.org/wiki/Penetration_test https://partner-security.withgoogle.com/docs/pentest_guidelines#assessment-methodology https://owasp.org/www-project-web-security-testing-guide/latest/3-The_OWASP_Testing_Framework/1-Penetration_Testing_Methodologies https://www.pcisecuritystandards.org/documents/Penetration_Testing_Guidance_March_2015.pdf  https://pentest-standard.readthedocs.io/en/latest/ https://www.isecom.org/OSSTMM.3.pdf https:...

#89 - Connecting the Dots (with Sean Heritage)

August 01, 2022 08:01 - 46 minutes - 63.5 MB

I've been a fan of Sean Heritage for years, ever since I first discovered his blog, "Connecting the Dots."  Today I have the privilege to listen to his thoughts on cybersecurity careers in both the military and the "real world," how to prioritize your life, what career goals you should (and should NOT) aim for, and the importance of great leadership.   Book reference: Connecting the Dots:  Deliberate Observations and Leadership Musings About Everyday Life https://www.amazon.com/Connecting-Dots...

#88 - Tackling 3 Really Hard Problems in Cyber (with Andy Ellis)

July 25, 2022 08:01 - 47 minutes - 64.8 MB

On this episode of CISO Tradecraft, Andy Ellis from Orca Security stops by to talk about three really hard problems that CISOs have struggled with for decades.  How do we build a phishing program that works? How do we build a 3rd party risk management program that isn't a paper exercise? How do we actually get good at patch management? Stick around for some great answers such as: Human error is a system in need of redesign How do we put every employee on an island protected from the compa...

#87 - From Hunt Team to Hunter (with Bryce Kunz)

July 18, 2022 08:01 - 43 minutes - 60.1 MB

On this episode of CISO Tradecraft, Bryce Kunz from Stage 2 Security stops by to discuss how offensive cyber operations are evolving.  Come and learn how attackers are bypassing MFA and EDR solutions to target your cloud environment.  You can also hear what Bryce recommends to beat the bear that is Ransomware.   References: How Attackers Bypass MFA with Evilginx 2; Stage 2 Security Black Hat Course

#86 - The CISO MindMap (with Rafeeq Rehman)

July 11, 2022 08:01 - 45 minutes - 62.4 MB

This episode features Rafeeq Rehman.  He discusses the need for a CISO Mindmap and 6 Focus Areas for 2022-2023: 1.  Re-evaluate ransomware defenses, detection and response capabilities, perform a business impact analysis and identify critical processes, applications and data. 2.  Reduce/consolidate security tools/technologies and vendors. More tools don’t necessarily reduce risk but do add the need for maintaining expertise on security teams. 3.  To serve your business better, train staff...

#85 - The Fab 5 Security Outcomes Study (with Helen Patton)

July 04, 2022 08:01 - 44 minutes - 60.9 MB

On this episode of CISO Tradecraft, we feature Helen Patton. Helen shares many of her career experiences working across JP Morgan, The Ohio State University, and now Cisco.   -Is technical acumen needed for CISOs? -Surviving organizational politics (34:45) Helen discusses The Fab 5 Security Outcomes study. Volume 1 Study - Link  Volume 2 Study - Link

#84 - Gaining Trust (with Robin Dreeke)

June 27, 2022 11:13 - 45 minutes - 62.8 MB

On this episode of CISO Tradecraft we feature Robin Dreeke from People Formula.  Robin was the former head of the FBI Counterintelligence Behavioral Analysis Program and has an amazing background in learning how individuals think, build trust, and communicate.  Robin highlights 4 Pillars of Communicating: Seek the thoughts and opinions of others Talk in terms of priorities, pain points, and challenges of others Use Nonjudgmental validation (i.e., seek to understand others without judging) E...

#83 - Cyber Defense Matrix Reloaded (with Sounil Yu)

June 20, 2022 11:17 - 48 minutes - 66.1 MB

This episode is sponsored by Varonis.  You can learn more on how to reduce your ransomware radius by performing a free ransomware readiness assessment. On this episode, Sounil Yu continues his discussion about his new book ("Cyber Defense Matrix").  Listen to learn more about:    Pre-Event Structural Awareness vs Post-Event Situational Awareness Environmental vs Contextual Awareness Understanding Security Handoffs Rationalizing Technologies Portfolio Analysis Responding to Emergin...

#82 - Cyber Defense Matrix (with Sounil Yu)

June 13, 2022 11:21 - 50 minutes - 69.5 MB

This episode is sponsored by Varonis.  You can learn more on how to reduce your ransomware radius by performing a free ransomware readiness assessment. This episode of CISO Tradecraft has Sounil Yu talk about his new book, "Cyber Defense Matrix: The Essential Guide to Navigating the Cybersecurity Landscape". Sounil reviews the Cyber Defense Matrix in depth.  We discuss how the Cyber Defense Matrix can be used for:  Capturing & Organizing Measurements & Metrics Developing a Cyber Secur...

#81 - Career Lessons from a CISO (with John Hellickson)

June 06, 2022 08:01 - 41 minutes - 56.9 MB

On this episode of CISO Tradecraft, John Hellickson from Coalfire talks about his career as a CISO.  Listen and learn about: The evolving role of the CISO How John got started as a CISO What is a Field CISO and how does it differ from a traditional CISO role Tips on getting your career to the next level by attending the right conferences and getting an executive coach How to get Business Alignment How the Security Advisor Alliance is helping the next generation of cyber talent  

#80 - Breaking Backbones (with Deb Radcliff)

May 30, 2022 08:01 - 44 minutes - 60.5 MB

A respected journalist focusing on cybersecurity and our community of people for over 25 years, Deb Radcliff remains a trusted information source who checks and double-checks her sources before publication -- a refreshing change to the low signal - high noise world of social media. In this episode, we discuss where CISOs might turn for accurate information, how the industry has evolved in complexity, and take a look at the first of three fictional novels she's writing about a future world w...

#79 - Addressing the Top CEO Concerns

May 23, 2022 05:01 - 38 minutes - 52.9 MB

On this Episode of CISO Tradecraft we talk about the Top 10 areas of concern for the C Suite about Ransomware.  Note you can read the full ISC2 Study here (Link). Cybersecurity professionals should keep the following golden rules in mind when communicating with the C-suite about ransomware. Increase Communication and Reporting to Leadership Temper Overconfidence as Needed Tailor Your Message Make the Case for New Staff and Other Investments Make Clear that Ransomware Defense is Everyon...

#78 - Business Objectives & 5 CISO Archetypes (with Christian Hyatt)

May 16, 2022 11:49 - 45 minutes - 62.2 MB

On this episode of CISO Tradecraft, Christian Hyatt from risk3sixty stops by to discuss the 3 major Business Objectives for CISOs: Risk Management Cost Reduction Revenue Generation He also discusses the five CISO Archetypes.   The Executive The Engineer The GRC Guru The Technician The Builder References: The 5 CISO Archetypes Book Link Designing the CISO Role Link

#77 - Countering Corporate Espionage

May 09, 2022 11:53 - 46 minutes - 64.1 MB

Chances are your organization has information that someone else wants.  If it's another nation state, their methods may not be friendly or even legal.  In this episode we address assessing risk, known "bad" actors, information targets, exfiltration, cyber security models, what the federal government is doing for contractors, and response strategies.  Listen now so you don't become a statistic later.   References: https://www.fbi.gov/file-repository/china-exec-summary-risk-to-corporate-ame...

#76 - The Demise of the Cybersecurity Workforce

May 02, 2022 11:33 - 41 minutes - 57.4 MB

Our career has been growing like crazy with an estimated 3.5 million unfilled cybersecurity jobs within the next few years.  More certs, more quals, more money, right?  The sky’s the limit.  But what if we’re wrong?  AI, machine learning, security-by-design, outsourcing, and H-1B programs may put huge downward pressure on future job opportunities (and pay) in this country.  Of course, we don’t WANT this, but shouldn’t a wise professional prepare for possibilities?  [We did a ton of research ...

#75 - Avoiding Death By PowerPoint

April 25, 2022 11:37 - 19 minutes - 27.1 MB

On this episode of CISO Tradecraft, we discuss how to avoid Death By PowerPoint by creating cyber awareness training that involves and engages listeners. Specifically we discuss: The EDGE method:  Explain, Demonstrate, Guide, and Enable Escape Rooms Tabletop Exercises Polling During Presentations Short videos from online resources References: https://blog.scoutingmagazine.org/2017/05/05/living-on-the-edge-this-is-the-correct-way-to-teach-someone-a-skill/ http://www.inquiry.net/ideals...

#74 - Pass the Passwords

April 18, 2022 11:41 - 42 minutes - 58.6 MB

On this episode of CISO Tradecraft, we focus on Password Security and how it's evolving.  Tune in to learn about: Why do we need passwords Ways consumers login and authenticate How bad actors attack passwords How long does it take to break passwords Different types of MFA  The future of passwords with conditional access policies Infographic:   References: https://danielmiessler.com/blog/not-all-mfa-is-equal-and-the-differences-matter-a-lot/  https://www.hivesystems.io/blog/are...

#73 - Wonderful Winn Schwartau

April 11, 2022 11:45 - 47 minutes - 65 MB

Winn Schwartau is a well-recognized icon in the cybersecurity community, and also a dear friend for over 25 years.  Always one to stir the pot and offer radical ideas (many of which come true), we discuss Hacker Jeopardy, INFOWARCON, his books "Pearl Harbor Dot Com", "Time-Based Security", and his magnum opus "Analog Security."  We speculate on the future of our industry with respect to quantum and probabilistic computing, and after hanging up his pen, looks like he's doing a Tom Brady and w...

#72 - Logging In with SIEMs (with Anton Chuvakin)

April 04, 2022 11:49 - 48 minutes - 66.6 MB

On this episode of CISO Tradecraft, Anton Chuvakin talks about Logging, Security Information & Event Management (SIEM) tooling, and Cloud Security.  Anton shares fantastic points of view on: How moving to the cloud is like moving to a space station (13:44) How you may be one IAM mistake away from a breach (20:05) How a SIEM is a logging based approach, whereas EDRs require agents at endpoints.  This becomes really interesting when cloud solutions don’t have an endpoint to install an agen...

#71 - Lessons Learned as a CISO (with Gary Hayslip)

March 28, 2022 11:53 - 54 minutes - 74.5 MB

On this special episode of CISO Tradecraft, we have Gary Hayslip talk about his lessons learned being a CISO.  He shares various tips and tricks he has used to work effectively as a CISO across multiple companies.  Everything from fish tacos and beer to how to look at an opportunity when your boss has no clue about cyber frameworks.  There's lots of great information to digest.     Additionally, Gary has co-authored a number of amazing books on cyber security that we strongly recommend rea...

#70 - Partnership is Key

March 21, 2022 11:57 - 16 minutes - 22 MB

On this episode of CISO Tradecraft you can learn how to build relationships of trust with other executives by demonstrating executive skill & cyber security expertise.  You can learn what to say to each of the following executives to build common ground and meaningful work:  CFO Legal Marketing Business Units CEO CIO HR Note Robin Dreeke mentions 5 keys to building goals:  Learn… about their priorities, goals, and objectives. Place… theirs ahead of yours Allow them to talk…. susp...

#69 - Aligning Security Initiatives with Business Objectives

March 14, 2022 11:22 - 25 minutes - 34.8 MB

On this episode of CISO Tradecraft, we talk about how cyber can help the four business key objectives identified by InfoTech: 1.  Profit generation: The revenue generated from a business capability with a product that is enabled with modern technologies. 2.  Cost reduction: The cost reduction when performing business capabilities with a product that is enabled with modern technologies. 3.  Service enablement: The productivity and efficiency gains of internal business operations from produ...

#68 - Thought Provoking Discussions (with Richard Thieme)

March 07, 2022 11:26 - 1 hour - 87 MB

Today we speak with Richard Thieme, a man with a reputation for stretching your mind with his insights, who has spoken at 25 consecutive DEFCONs as well as keynoted BlackHat 1 and 2.  In a far-ranging discussion, we cover the concept of what it's like to be a heretic (hint:  it's one step beyond being a visionary), the thought that the singularity has already arrived, Pierre Teilhard de Chardin's noosphere, disinformation and cyber war, ethical decision-making in automated systems, and why t...

#67 - Knock, Knock? Who’s There and Whatcha Want?

February 28, 2022 11:20 - 29 minutes - 40.8 MB

On this episode of CISO Tradecraft we are going to talk about various Access Control & Authentication technologies. Access Control Methodologies: Mandatory Access Control or (MAC) Discretionary Access Control or (DAC) Role Based Access Control or (RBAC) Privileged Access Management or (PAM) Rule Based Access Control Attribute Based Policy Control (ABAC) or Policy Based Access Control (PBAC) Authentication Types: Password-based authentication Certificate-based authentication Token-...

#66 - Working On The Supply Chain Gang

February 21, 2022 11:58 - 20 minutes - 28.4 MB

On this episode of CISO Tradecraft, you can learn about supply chain vulnerabilities and the 6 important steps you can take to mitigate this attack within your organization: Centralize your software code repository Centralize your artifact repository Scan open source software for malware Scan software for vulnerabilities and vendor support Run a Web Application Firewall (WAF) Run a Runtime Application Self Protection (RASP) References: https://owasp.org/www-project-threat-and-safegua...

#65 - Shall We Play A Game?

February 14, 2022 12:03 - 43 minutes - 59.8 MB

Gamification is a superpower that CISOs can use to change the culture of an organization.  On this episode of CISO Tradecraft we discuss how to use gamification concepts as a CISO.  What’s in a Game? Objective Rules Challenge/Competition Randomness or unpredictability Designed for fun and sometimes learning What Makes a Game Fun? Challenge requires reasonable level of difficulty Fantasy compelling setting for game action; temporary suspension of reality Curiosity random events so ...

#64 - 3 Keys to Being a CISO (with Allan Alford)

February 07, 2022 12:08 - 44 minutes - 60.8 MB

On this episode of CISO Tradecraft, we feature Allan Alford from The Cyber Ranch Podcast.  Allan brings a wealth of knowledge as a CISO and shares the three things every CISO needs to bring to the table: Use a Cyber Maturity Model such as CMMI to identify the current situation and build a roadmap of where the organization is headed  Quantify Known Risks through a Risk Register which gets routinely briefed to Executives Align Cyber to Business Objectives to enable the business If you enjo...

#63 - Flirting with Disaster

January 31, 2022 12:12 - 26 minutes - 36.2 MB

As a cyber executive you should expect disaster and disruption.  When these unfortunate events occur, you can protect the business by maintaining critical business functions, ensuring employees are able to access an alternate work facility, and providing vital records to perform business functions. The secret to accomplishing these objectives can be found in three important documents.  Those being a Business Continuity Plan, Disaster Recovery Plan, & a Business Impact Analysis.  Enjoy the s...

#62 - Promotion Through Politics

January 24, 2022 11:38 - 31 minutes - 42.7 MB

On this episode,  we talk about the four types of skills you need to demonstrate in your career to climb through the ranks: (Technical Skills, Management Skills, Leadership Skills, & Political Skills) We also highlight 6 crucial areas to improve your political skills Social Astuteness - You need to get your cues right.  Socially astute managers are well-versed in social interaction.  In social settings they accurately assess their own behavior as well as that of others.  Their strong power...
