Latest Esrm Podcast Episodes
ESRM a Transformation Catalyst with Radek Havlis
Caffeinated Risk - May 30, 2024 00:00 - 29 minutes ★★★★★ - 1 ratingAmongst the industry verticals classified as critical infrastructure, few would argue that telecommunications belongs in the top that list, placing even more weight on a risk management program due to cascading impacts. Consequently, safe reliable operations are essential for success while conti...
Contingency Planning, Cyber Resilience and Incident Response
Caffeinated Risk - March 28, 2024 01:00 - 28 minutes ★★★★★ - 1 ratingRegulatory frameworks from PCI-DSS to NERC-CIP to the newly minted NIST CSF 2.0 each require organizations of all sizes to have cyber incident response plans. Most of us who have spent any time in cubicle filled office towers are familiar with fire drills to clear the building and gather staf...
The Business Context of Cyber Resilience with Steven J Ross
Caffeinated Risk - February 22, 2024 00:00 - 30 minutes ★★★★★ - 1 ratingThose running a business today who have not experienced disruption due to cyber issues or attacks know it is only a matter of time. Even if their organization is not directly targeted, the modern marketplace comprised of multiple, interconnected supply chains, means impact is unavoidable but t...
Building a Cyber Risk Management Program with Brian Allen
Caffeinated Risk - January 25, 2024 02:00 - 30 minutes ★★★★★ - 1 ratingThe U.S. Security Exchange Commission defined new rules for cyber risk matters facing publicly traded corporations in July of 2023. Although the SEC's mandate is limited to publicly traded companies in the United States, where one regulator goes others are apt to follow. Brian Allen is the co-...
CyberPHA - OT Risk management With John Cusimano
Caffeinated Risk - December 14, 2023 00:00 - 31 minutes ★★★★★ - 1 ratingThe ISA 99 standards body is one of the most recognized authorities on cyber physical security covering many aspects of a cyber security management system for industrial control systems including risk management. This episode features John Cusimano, former chairman of the ISA subcommittee resp...
Science, Crime and Workforce Development with Dr. Martin Gill
Caffeinated Risk - November 23, 2023 00:00 - 31 minutes ★★★★★ - 1 ratingSecurity and crime are often in close proximity but not always studied together. This month's episode features Martin Gill a criminologist who made the study of crime and security his life's work. After a decade as a lecturing professor at the University of Leichester, Mr. Gill started Perpetu...
ESRM a Decade In and The Emergent Threat Landscape
Caffeinated Risk - September 28, 2023 00:00 - 29 minutes ★★★★★ - 1 ratingPost GSX conference, which included an in-depth review of ESRM and an interview with former U.S. president George W Bush, this episode considers how enterprise security risk management has stood the test of time as well as how risk analysis will need to evolve . Financial receptors can be fou...
Business Enablement using Converged Risk Management with Michael Lashlee
Caffeinated Risk - August 24, 2023 00:00 - 36 minutes ★★★★★ - 1 ratingThe convergence buzzword has come and gone and some organizations have struggled to reap the benefits of physical and cyber security departments working in tandem toward common goals. Michael Lashlee, deputy Chief Security Officer at Mastercard, shares security insights from the US Marines, se...
Interpreting Risk within a Regulatory Context with Terry Freestone
Caffeinated Risk - July 27, 2023 00:00 - 32 minutes ★★★★★ - 1 ratingCalgary was an ICS cyber hub before most knew such measures were necessary, Terry Freestone was one of the ICT specialists from those early days who now applies his decades of hard-won knowledge in the offices of the Canadian Energy Regulator. Speaking as a private citizen and cyber securit...
2023 Summer Show
Caffeinated Risk - June 29, 2023 00:00 - 30 minutes ★★★★★ - 1 ratingKeeping up the accidental annual tradition Tim and Doug take a retrospective look at risk management as a mid-year pulse. The 10th annual Cyberthreat Defense report forms the underlying theme but digging under the statistics to analyze how these might pertain to ESRM. Communication also popped...
ESRM and Data Science with Rachelle Loyear
Caffeinated Risk - May 25, 2023 00:00 - 31 minutes ★★★★★ - 1 ratingOne of the original authors of the ESRM framework, now in it's tenth year, and Caffeinated Risk's first guest returns to discuss how data science is changing security and risk management. While alchemy may be a bit of a stretch, Ms. Loyear ongoing focus of including human behaviour in the risk...
Attack Tree Calibration with Terry Ingoldsby
Caffeinated Risk - March 23, 2023 00:00 - 7 minutes ★★★★★ - 1 ratingThreat modeling expert and inventor of one of the world's first attack tree modeling products talks about how to integrate subject matter expertise into the risk equation, the answer may be surprising. Bonus content not included in the original interview with Terry which dove deep into the hi...
FAIR and ESRM, exploring common ground with Jack Freund
Caffeinated Risk - February 23, 2023 00:00 - 38 minutes ★★★★★ - 1 ratingFactor Analysis of Information Risk (FAIR) and Enterprise Security Risk Management (ESRM) took different evolutionary paths yet share a lot more commonality than catchy 4 letter acronyms and mainstream adoption by notable organizations like NIST, The Open Group and ASIS international. Jack Fre...
Cyber-Physical Convergence Revisited
Caffeinated Risk - January 19, 2023 00:00 - 34 minutes ★★★★★ - 1 ratingIn addition to hybrid work and regular time in the office being the new normal, 2023 marks the year Caffeinated Risk's co-host Tim McCreight serves as the president of ASIS international. ASIS has long been a proponent of both physical and cyber security professionalism and one of the first or...
ESRM Enablement via Location Intelligence with Alex Martonik
Caffeinated Risk - December 15, 2022 00:00 - 31 minutes ★★★★★ - 1 ratingRealtors have long advocated "location, location, location" as a path to investment success. Fast forwarding a few generations, location intelligence applied to risk management is paying dividends well beyond real-estate and Esri is a world leader in this fascinating application of geo-spat...
Privacy & Toxic Data with Michelle Finneran Dennedy
Caffeinated Risk - November 17, 2022 00:00 - 6 minutes ★★★★★ - 1 ratingA great discussion point that didn't make it to air from the original 2021. Not all data is of equal value to the organization and the viable shelf life is seldom tracked or even discussed. This espresso shot takes a humorous look at a serious question about privacy considerations during the d...
Classifying and effectively communicating enterprise security risk with Paul Mercer
Caffeinated Risk - October 20, 2022 00:00 - 31 minutes ★★★★★ - 1 ratingCommunication isn't effective until the receiver understands the message well enough to take action. That pretty much sums up the challenge facing many risk professionals today, something Paul Mercer resolved, out of necessity, by building risk management software that is proving to be a welcom...
Redefining the risk management business partnership with Rachelle Loyear
Caffeinated Risk - September 08, 2022 00:00 - 6 minutes ★★★★★ - 1 ratingCo-author of the original book on Enterprise Security Risk Management, it only made sense to have Rachelle be the first Caffeinated Risk guest. Like many guests, there was just too much material for a 30 minute episode. This espresso shot encore digs into that nuanced topic of truly partnering...
Resilience as a Risk Management Stratgey
Caffeinated Risk - August 18, 2022 00:00 - 32 minutes ★★★★★ - 1 ratingAnyone with a bit of time in the security industry is well acquainted with Murphy's law but crisis management specialists are who you call when things suddenly get very real. While common security guidance advocates protection, readying your organization to weather the inevitable failure in p...
Resilience as a Risk Management Strategy
Caffeinated Risk - August 18, 2022 00:00 - 32 minutes ★★★★★ - 1 ratingAnyone with a bit of time in the security industry is well acquainted with Murphy's law but crisis management specialists are who you call when things suddenly get very real. While common security guidance advocates protection, readying your organization to weather the inevitable failure in p...
Infrastructure Resilience and Ethical Considerations
Caffeinated Risk - July 21, 2022 00:00 - 31 minutes ★★★★★ - 1 ratingRecorded two days after the July 2022 nationwide telecom outage, co-hosts Tim and Doug explore the deeper ramifications of losing access to the very services that are so tightly integrated into our lifestyle. While the complete root cause of the Rogers' outage may never be publicly shared, mo...
GRC Program Development and Implementation with Josh Sokol
Caffeinated Risk - June 16, 2022 00:00 - 31 minutes ★★★★★ - 1 ratingSooner or later every risk management professional faces the hard reality that comprehensive risk management programs can't be implemented on spreadsheets. A corporate vice president mandate, minus the funding, started Josh Sokol on a journey that turned his initial platform solution into an op...
Strategies for meeting the cyber skill set challenge with Martin Dinel
Caffeinated Risk - May 19, 2022 00:00 - 32 minutes ★★★★★ - 1 ratingChief Information Security Officer Martin Dinel has all the same technology challenges of every other large organization. Placing Alberta in front of that CISO title brings the additional requirements of protecting government secrets, interfacing with national security, protecting financial and ...
Strategies for meeting the cyber skill set challenge with Martin Dinel
Caffeinated Risk - May 19, 2022 00:00 - 32 minutes ★★★★★ - 1 ratingChief Information Security Officer Martin Dinel has all the same technology challenges of every other large organization. Placing Alberta in front of that CISO title brings the additional requirements of protecting government secrets, interfacing with national security, protecting financial and ...
Risk management in the cloud with Illena Armstrong
Caffeinated Risk - April 21, 2022 00:00 - 32 minutes ★★★★★ - 1 ratingVery few organizations, from three letter agencies to the local brew pub are not using cloud services to some degree and those previously resistant had no choice once Covid 19 hit. In 2022, with global conflict, organized crime, multiple supply chain and service concerns, what is required of a ...
Cyber Crime and Risk Management Strategies with Cara Wolf
Caffeinated Risk - March 17, 2022 13:00 - 32 minutes ★★★★★ - 1 ratingAcknowledged by IT World Canada as one of the top 20 women in cyber, Cara Wolf shares insights into the Canadian tech industry , the need for innovation and tactics for drawing senior leadership's attention to cyber security issues during a candid discussion on the changing aspects of cyber cr...
Cyber Crime and Risk Management Strategies with Cara Wolf
Caffeinated Risk - March 17, 2022 13:00 - 32 minutes ★★★★★ - 1 ratingAcknowledged by IT World Canada as one of the top 20 women in cyber, Cara Wolf shares insights into the Canadian tech industry , the need for innovation and tactics for drawing senior leadership's attention to cyber security issues during a candid discussion on the changing aspects of cyber cr...
Continuous Authentication and Risk Management with Ian Paterson
Caffeinated Risk - February 16, 2022 23:00 - 32 minutes ★★★★★ - 1 ratingThe threat landscape is evolving, if your security controls are not, the outcome is all but assured. In this episode Tim and Doug are joined by Canadian cyber security serial entrepreneur Ian Paterson, CEO of Plurilock. Mr. Paterson shares hard won insights from extensive data science research...
Continuous Authentication and Risk Management with Ian Paterson
Caffeinated Risk - February 16, 2022 23:00 - 32 minutes ★★★★★ - 1 ratingThe threat landscape is evolving, if your security controls are not, the outcome is all but assured. In this episode Tim and Doug are joined by Canadian cyber security serial entrepreneur Ian Paterson, CEO of Plurilock. Mr. Paterson shares hard won insights from extensive data science research...
Castles and Network Management with Winn Schwartau
Caffeinated Risk - February 03, 2022 05:00 - 5 minutes ★★★★★ - 1 ratingA light hearted espresso shot with renowned information security writer Winn Schwartau and Tim McCreight discussing the serious and all too common problem of uncontrolled ingress and egress. While the first electronic firewalls may have come into vogue in the late 80's, Winn and Tim uncover par...
Related Esrm Topics