In the Leadership and Communications section, CISO Burnout Prevention: Tips for Work-Life Balance, Maximizing Leadership Potential, The Essence of Effective Management: Commitment, Foresight, and Leadership, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw-310
In a tight economy, security budgets have been under scrutiny. Vendor consolidation strategies are real, but what are the pros and cons of this strategy? Shawn Surber from Tanium joins us to discuss how vendor consolidation is playing out and what to look for. It's not just an expense exercise, it's also a strategic alignment exercise.
This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw-310
Check out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on October 12, 2020.
We go off script. Michael Santarcangelo joins me for a discussion on leadership. We review the 4 C's of Leadership: 1. Culture 2. Collaboration 3. Communication 4. Cultivation - and Michael shares some of his leadership approaches and ideas.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/vault-bsw-2
In the leadership and communications section, Only one in 10 CISOs today are board-ready, study says, Why Conflicting Ideas Can Make Your Strategy Stronger, How to Overcome Communication Barriers in Your Teamwork, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw-309
The Gartner definition of integrated risk management is a set of practices and processes supported by a risk-aware culture and enabling technologies, that improves decision making and performance through an integrated view of how well an organization manages its unique set of risks. Enterprises typically have a broad coverage of the risks that face the business including cybersecurity risk, however, its 2023 and after more than a decade of requiring training compliance for our people, the Verizon DBIR reports this year that 74% of breaches involved human error. It's clear that compliance is not the answer for where to include the human in an IRM strategy, so what's next?
This segment is sponsored by Living Security. Visit https://securityweekly.com/livingsecurity to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw-309
In the leadership and communications section, Cybersecurity Starts with the Board and C-Suite, How CISOs can achieve more with less during uncertain economic times, Why Authentic Leadership Is So Hard, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw-308
The American Data Privacy and Protection Act introduces oversight of how companies handle the data they collect and process from U.S. citizens, including AI algorithms used to uncover insights that can be monetized. Security professionals should prepare now for the legislation by understanding how to audit algorithms and implement compliance processes. Even if this version of privacy legislation doesn’t pass, similar legislation will likely pass soon.
Segment Resources:
Forbes Tech Council article: Why You Need to Prepare Now for Privacy Legislation That May Not Pass https://www.senecaglobal.com/media-mentions/ftc-why-you-need-to-prepare-now-for-privacy-legislation-that-may-not-pass/
Enterprise Security Tech - American Data Privacy Protection Act: What, Who, How https://www.enterprisesecuritytech.com/post/american-data-privacy-protection-act-what-who-how
Security Info Watch - What the American Data and Privacy Act means for businesses https://www.securityinfowatch.com/security-executives/article/21295869/what-the-american-data-and-privacy-act-means-for-businesses
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw-308
Check out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on June 8, 2020.
Marc French has more than 25 years of technology experience in engineering, operations, product management, and security. Prior to his current role at CISO at Product Security Group, Marc was the SVP & Chief Trust Officer at Mimecast, Inc. and has held a variety of senior security roles at Endurance/Constant Contact, EMC/RSA, Iron Mountain, Digital Guardian, and Dun & Bradstreet.
With all this security experience, Marc has created a series of career ladders to help guide infosec professionals with their job journey, including the illustrious CISO position. We will also cover whether you really want to be a CISO...
All of the open source career ladders can be found here: https://github.com/product-security-group/Security_Ladders
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/vault-bsw-1
In the leadership and communications section: Do You Really Need a CISO?, A CISO Employment Contract May Mean the Difference Between Success and Jail, When Your Employee Tells You They’re Burned Out, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw307
You can rebuild infrastructure. But you can’t un-breach data – Data sits at the core of an organization and is often the most open and vulnerable. This is why data security is the most important and urgent security problem to solve right now. We’re joined by Matt Radolec, Senior Director of Incident Response and Cloud Operations at Varonis, to walk through the blast radius concept – from what it is and how to use it to understand your organization's risk, to how it can serve as a guide to securing data from insiders and external attackers.
Segment Resources:
The Great SaaS Data Risk Exposure report: https://info.varonis.com/hubfs/Files/docs/research_reports/Varonis-The-Great-SaaS-Data-Exposure.pdf
The Forrester Wave™: Data Security Platforms, Q1 2023 https://reprints2.forrester.com/#/assets/2/1646/RES178465/report
Learn more about the Varonis Data Security Platform https://www.varonis.com/products/data-security-platform
This segment is sponsored by Varonis. Visit https://securityweekly.com/varonis to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw307
Cybersecurity teams today are inundated with tools that provide an abundance of alerts and data about threats, gaps, vulnerabilities and everything in between. While security tools are critical to operating a cybersecurity program and produce helpful data, they should never dictate an organization’s cybersecurity strategy. Instead, Amad Fida, CEO & Founder of Brinqa, explains why business priorities should be the foundation for any company’s cybersecurity strategy.
This segment is sponsored by Axonius. Visit https://securityweekly.com/axoniusrsac to learn more about them!
Economic uncertainty has forced IT and security leaders to be more cautious than ever when increasing spending and team size. Suh dynamics give CISOs and CIOs an opportunity to demonstrate value by going beyond “merely” defending the organization from threats. We can contribute toward the organization’s efforts to constrain costs by looking inward at existing tools and assets to understand deployment, usage, and value. We can do this by ensuring the company is making the most of what it already has – and eliminating the spend that’s not being utilized in the most effective way.
This segment is sponsored by Brinqa. Visit https://securityweekly.com/brinqarsac to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw306
Medtronic's Security Ambassador program has seen tremendous growth and engagement in recent years. Learn how they gave their program a shot of adrenaline and haven't looked back since.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw306
A resilient cybersecurity strategy is essential to running your business while protecting against security threats and preventing data breaches. For CISOs, partnering with a managed service security provider (MSSP) means you can be in control of your organization’s information and infrastructure security without placing a strain on internal personnel or resources which is critical in today’s uncertain economy. With an MSSP on board, CISOs are better equipped to meet strategic and business goals, while improving operations and reducing expenses. This interview will discuss not only why to consider an MSSP but how to choose the right one for the job.
This segment is sponsored by Direct Defense. Visit https://securityweekly.com/directdefensersac to learn more about them!
Insider Risk is a problem that continues to grow - and that companies are still struggling to solve. CISOs state that it is the number one most difficult threat to detect, placing it over malware and ransomware. Code42 President and CEO Joe Payne will explain why the Insider Risk problem is so challenging and will offer guidance on how to solve it.
This segment is sponsored by Code42. Visit https://securityweekly.com/code42rsac to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw305
Each year, Forrester tracks the top systemic risks — external events that impact your firm and customers but are out of your control — facing organizations. The impacts of climate change are both short-term, in the form of severe weather, drought, and heat waves, and long-term, in the form of biodiversity loss, sea-level rise, and rising temperatures. Want to see where climate risk ranked on the list?
Read The Top Systemic Risks, 2023 (https://www.forrester.com/report/the-top-systemic-risks-2023/RES179156) or listen to this segment on Business Security Weekly.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw305
CISOs face the complex challenge of protecting organizations against an expanding array of cybersecurity risks. While the role requires constant adaptation to protect against new threats, CISOs often bear the blame when defenses are breached. In this segment Kunal Anand, CTO & CISO, Imperva, discusses the evolution of the role and what aspiring professionals need to know if they want to hold the title.
This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them!
Today’s security products are evolving to meet the changing attack surface, each one targeting a specific set of risks. For organizations, this typically means that to increase security maturity, they need to implement a number of different solutions, and as the attack surface continues to expand, their tech stack quickly becomes difficult to manage. It’s time for the industry to help security teams achieve a better balance and reduce this operational burden.
Segment Resources:
This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw304
This week, it's time for Security Money. We recap Q1 2023 with the latest financial results, funding announcements, and layoffs. Don't miss this quarterly update. At the market close on April 28th 2023: - SW25 Index is 1,404.31, which is an increase of 40.43% (up from last Q) since inception. - NASDAQ Index is 12,226.58, which is an increase of 84.27% (up from last Q) during the same period.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw304
After discussing the requirements for working in cybersecurity, part 2 will tackle where to find the talent. We will explore education, apprenticeships, mentorships, and training. We will also identify areas within the business that have resources with skills that are very complementary with cybersecurity that also make great recruiting areas.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw303
We talk a lot about closing the skills gap, but it's harder said than done. So we thought we'd tackle the problem in our 2nd episode os Say Easy, Do Hard. Part 1 will discuss the skills needed, the requirements of the position, and the real qualifications for cybersecurity jobs. We will discuss the practical, realistic expectations of working in cybersecurity, not the hyped stereotypical positions.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw303
In the leadership and communications segment, Security Is a Revenue Booster, Not a Cost Center, How cybersecurity leaders can tackle the skills shortage, Engaged Employees Create Better Customer Experiences, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw302
Securing the business can often come at a cost of employee productivity, but it doesn’t have to be this way. Especially in today’s economic climate, the security team cannot be seen as a blocker to business. Aviv discusses how to find that balance in today’s episode.
This segment is sponsored by Votiro. Visit https://securityweekly.com/votiro to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw302
In the leadership and communications segment, How to Succeed As a New Chief Information Security Officer, Lead by Example: What Army Special Forces Can Teach You About Leadership, How to Take Risks & Conquer Fears, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw301
Barracuda just released a report on Ransomware findings, here: https://assets.barracuda.com/assets/docs/dms/2023-Ransomware-insights-report.pdf .
Here are a few of the highlighted stats:
Fleming Shi joins Business Security Weekly to discuss the findings and ways to better prepare for these attacks.
This segment is sponsored by Barracuda. Visit https://securityweekly.com/barracuda to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw301
You ask, we respond. This Ask Me Anything (AMA) segment allows the audience to ask the BSW hosts anything. From leadership skills to career advice or even why Alderman keeps moving, this segment answers the questions you want to know.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw300
Why 300? 300 is a perfect game in bowling, a milestone few have achieved (unless you're Brendan Alderman who has done it twice before the age of 20). 300 podcast episodes is almost 7 years of recording, a milestone most podcasts haven't achieved. So we thought is was worth celebrating! Join current and former BSW hosts to get a brief history of Business Security Weekly, including:
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw300
In the leadership and communications section, CISO, The Board, and Cybersecurity, How CISOs Can Work With the CFO to Get the Best Security Budget, Building Effective and Skilled Teams Through Networking, Connectivity, and Communication, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw299