In the Leadership and Communications section, Uber CISO's trial underscores the importance of truth, transparency, and trust, 4 Leadership Strategies to Help Women Advance in the Tech Industry, 5 Best Predictors of Employee Turnover and What Leaders Should Do About Them, and more!
Data is the most valuable resource on the planet; but, as businesses collect and store data at an astonishing pace, data sprawl, volume, and diverse storage environments create a security nightmare. With support for hundreds of data stores across leading cloud providers and thousands of automation and response integrations, Imperva Data Security Fabric modernizes and simplifies data governance, security, and workflow management for data in all forms across multicloud and hybrid environments. The product’s flexible architecture supports structured, semi-structured, and unstructured data across a range of data repositories to ensure security policies are applied consistently everywhere so businesses can quickly understand and mitigate risk.
This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/bsw264
Boards and CEOs are asking what their cyber risk posture is, and they aren't getting clear answers. Reports produced from assessments oftentimes are built on stale data rather than real-time compliance and risk data. How should C-levels be thinking about cybersecurity posture reporting, and how can they manage cyber risk in real-time as opposed to point-in-time?
This segment is sponsored by CyberSaint. Visit https://securityweekly.com/cybersaint to learn more about them!
In the leadership and communications section, CISO MindMap 2022: What do InfoSec Professionals really do?, CISO Shares Top Strategies to Communicate Security's Value to the Biz, Security leaders chart new post-CISO career paths, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/bsw263
In the leadership and communications section, 5 Cybersecurity Questions CFOs Should Ask CISOs, How Leaders Can Escape Their Echo Chambers, 10 Cybersecurity Compliance Statistics That Show Why You Must Up Your Cybersecurity Game, and more!
Most current security risk assessments are not effective. Doug Landoll joins BSW to explain how we can fIx this. Doug will share 5 Essential Elements of an Effective Security Risk Assessment, including: - Scoping, Scheduling, and Champions - Team Structure - Data and Measurements - Calculations and Analysis - Reporting, Presentation, and Tracking
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/bsw270
In the leadership and communications section, How CISOs can prepare for new and unpredictable cyberthreats, 8 Leadership and Management Principles from Ex-Navy Seal, Practice Transparent Leadership, and more!
IIoT infrastructure protection requires immediate attention. Barracuda just released key findings from a report titled "The state of industrial security in 2022," that covers the following: • The network breaches, ransomware attacks, and other security incidents businesses are facing • The current challenges related to infrastructure protection, remote access security, and digital transformation • The solutions and strategies decision makers are using to close security loopholes and boost the protection of IIoT infrastructure
This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/bsw269
In the Leadership and Communications segment: How to build a cyber capable board, Who Is Legally Responsible for a Cyber Incident?, Building a security culture of 'Yes', and more!
This edition of Security money is a 2 quarter update for both Q1 2022 and Q2 2022. That's what happens when you have a lot of interest and interviews. Although the SW25 Index is down, it's still outperforming the Nasdaq!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/bsw268
There was a time when the perceived wisdom was to buy best of breed security technologies and that would do for your security program. Trouble of is, none of it integrates with each other or your wider IT. With budgets getting tighter, security pros are being asked to look again at big portfolio security providers and work out whether they can use their offerings to slim down. In this session I'll discuss what I'm hearing from our customers, and some of the things we are starting to see people do to balance the need to optimize cost and efficiency without compromising security protection.
Speed, Velocity, and Acceleration. The physics of motion are well documented, and we understand how these scalar and vector quantities differ. In information security and cyber risk management the dynamics are not as well understood which has confused our ability to distinguish between motion and progress. This confusion intensifies our escalating risk cycle by causing a mirage of control that continues to lead us to down a path of compromise and catastrophe, adding to our growing labor and skill deficit. This segment is meant to explore the existing physics and gravitational forces of how we have approached cyber risk management to date, discuss where we are stuck today as well as ideas for a path forward - a reorientation of security operations function so that it is optimized to handle the volume as well as reposition it from an anchor point of continual reaction to one where it can take proactive action in front of the cycle of risk. The heart of these changes is a redefinition of the risk equation we have been using for decades Risk = F (Threat, Vulnerability, Consequence) which while useful initially has created a spray and pray model across most of our organizations. I will explain how to redefine the equation to be Risk = F (Threat, Exploitability, Consequence).
Segment Resources: https://www.uscybersecurity.net/csmag/going-beyond-the-motions-of-cybersecurity/
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/bsw267
What does a CISO do all day? Do they eat bon-bons and read the WSJ? Do they read Threatpost or BleepingComputer or Twitter? Why does a company need a CISO, or better still, do they need one? All these questions and more will be answered in this weeks episode.
Segment Resources:
https://www.cbts.com/security/security-services/
https://www.cbts.com/blog/cloud-security-controls-mitigate-risk/
https://www.cbts.com/blog/weighing-risks-benefits-moving-to-the-cloud-part-1/
https://www.cbts.com/blog/what-is-cyber-insurance/
With recent proposed rule making from he SEC, there is increased focus on the Board's involvement in governing and managing cybersecurity. What is changing in how effective CISO's engage with their Board of Directors and what is over the horizon for cybersecurity leaders?
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/bsw266
In the Leadership and Communications section, Being concerned is not enough – What boards should know and do about cybersecurity, In the Case of Cybersecurity, the Best Defense is Education, Reskilling workers can help meet the cybersecurity staffing challenge, and more!
Defining Cyber Risk With Bryan Ware This year, RSAC is happening amidst the backdrop of major geopolitical tensions with cyber impacts; a continued, lingering pandemic and a potential economic downturn that cyber adversaries can and have leveraged to their benefit; and increasing technological innovation. All of this points toward ever-evolving cyber risk. What are some of the key considerations that executives – both ones with cyber expertise and ones without – should keep in mind as they look to not only define cyber risk but also reduce it and ensure operational resiliency? In this segment, we’ll hear thoughts from Bryan Ware, the new CEO of LookingGlass Cyber Solutions, former CEO of Next5, a business intelligence and advisory firm, and the first presidentially appointed Assistant Director of Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security (DHS).
This segment is sponsored by LookingGlass Cyber. Visit https://securityweekly.com/lookingglass to learn more about them!
Is the Market Ready for Integrated Cyber Risk Management? Cyber risk management is now a dynamic practice for security teams and leadership. It requires up-to-date risk intelligence across many factors – external, internal, third parties, cloud posture – to inform the right decisions and enable cyber risk quantification and risk modeling to be more dynamic. Victor will discuss what drove him to leave security leadership and start a company to solve the problems he experienced with cyber risk management and how the market is responding.
Segment Resources: https://fortifydata.com/request-an-assessment
This segment is sponsored by Fortify Data! Visit https://securityweekly.com/fortifydata to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/bsw265