Deep Dive in GRC: Know Your Sources – Jonathan Ruf – CSP #182

July 9, 2024

As organizations grow, there comes a time when managing by excel spreadsheets is not longer feasible and accurate data sources, regulations, and risk need to be accurately reflected within Governance, Risk and Compliance (GRC) tools. Reporting to the board must be based upon accurate information. Join us as we discuss the important aspects of formi...

Governance, Risk and Compliance

Governing Cyber Humanely: Leveraging Wellness Techniques – Jothi Dugar – CSP #181

July 2, 2024

We discuss the topic of Human Centric Cybersecurity and the importance of empowering the 'people' aspect of the People, Process, Tech framework. In this conversation we raise the importance of well-being amongst Tech and Cyber leaders and how to keep calm through the chaos to lead our teams well. Also important is diversity in this field and the H...

Leadership

CISOs Advising Cybersecurity Companies, Get on Board! – Bob West – CSP #180

June 25, 2024

Advisory Boards - helping cybersecurity companies grow is foundational to helping enterprises select best in class tools to protect their environments. If done properly, scaling cybersecurity companies can have a positive global impact on how information is protected and minimizing business disruption.

Zero trust

As We Implement Zero Trust, Let’s Not Forget About Metrics – George Finney – CSP #179

June 18, 2024

Many organizations are starting today down the Zero Trust path. Zero Trust is a strategy (vs an architecture) and to prove the value of this investment, we need to start thinking about metrics to demonstrate value. Join us as we discuss some of the metric directions to consider when moving our organizations towards Zero Trust.

Threat Intelligence

CISO and the Board: Demonstrating value and relevant metrics – Max Shier – CSP #178

June 11, 2024

The importance of CISO skills/metrics for the board, demonstrating the business value and necessity of good cybersecurity posture, as capabilities the CISO must master to be effective in securing the appropriate investment level. Join us as we discuss interactions with the board and leveraging metrics to show business value.

Security Program Controls/Technologies

Point Vs. Platform: Improving TCO Cost/Benefit – Patrick Benoit – CSP #177

June 4, 2024

CISOs must prioritize the intelligent selection of cybersecurity products by considering the total cost of ownership (TCO) and whether point products or platforms are best suited. This includes the costs of deployment and operations for people, processes, and technology, as well as the ongoing maintenance and support of a product. By considering th...

Data Security

Data Governance is Critical to Info Security and Privacy – Michael Redmond – CSP #176

May 28, 2024

Data Governance is a key component in protecting the data from different points of view including information security confidentiality, integrity, and availability. There are several standards that have control requirements for Data Governance relating to PCI, HIPAA, and PII, data security and more. Two of the Internal Standards having Data Governa...

Data Security

The Riddle of Data Governance – Steven Fox – CSP #175

May 21, 2024

Data is the fuel of modern organizations. Data governance ensures the quality of that fuel, as well as ensure its optimal utilization. It ensures that people use and access data appropriately. This value is timely in the face of artificial intelligence offerings whose utility relies on quality data. This segment is sponsored by Spirion. Visit ht...

Data Security

That Data Sprawl is Here! What Should We Do About it? – Nick Ritter – CSP #174

May 14, 2024

As technology has enabled high speed access and massive amounts of inexpensive storage, data is being created at a logarithmic hockey-stick pace. Not all this data is important for the organization, however the organization must understand what data is important to run the business. Join us as we discuss this dilemma, with an eye to protecting esse...

Leadership

Why CISO’s Fail: Some Practical Lessons for the Future – Barak Engel – CSP #173

May 7, 2024

Security is both overcooked and underdeveloped at the same time, and we keep doubling down on insanity. Our own community is at great fault for pushing fear and ignoring service, leading to consistent, negative experiences for all other stakeholders in the organization - and ultimately the CISOs themselves. "Do more cyber" never had, does not, and ...

Supply chain

Air Gapped! The Myth of Securing OT – Thomas Johnson – CSP #172

April 30, 2024

The terminology of ICS has morphed into OT (Operational Technology) security; however many organizations are lacking in addressing the OT security controls. As some companies talk about air gapping as the primary method of securing OT, the reality is many times true air gapping does not exist. Join us as we discuss why these gaps occur and what nee...

Deep Dive in GRC: Know Your Sources – Jonathan Ruf – CSP #182

Governing Cyber Humanely: Leveraging Wellness Techniques – Jothi Dugar – CSP #181

CISOs Advising Cybersecurity Companies, Get on Board! – Bob West – CSP #180

As We Implement Zero Trust, Let’s Not Forget About Metrics – George Finney – CSP #179

CISO and the Board: Demonstrating value and relevant metrics – Max Shier – CSP #178

Point Vs. Platform: Improving TCO Cost/Benefit – Patrick Benoit – CSP #177

Data Governance is Critical to Info Security and Privacy – Michael Redmond – CSP #176

The Riddle of Data Governance – Steven Fox – CSP #175

That Data Sprawl is Here! What Should We Do About it? – Nick Ritter – CSP #174

Why CISO’s Fail: Some Practical Lessons for the Future – Barak Engel – CSP #173

Air Gapped! The Myth of Securing OT – Thomas Johnson – CSP #172

Leadership News & Analysis

Microsoft takes down websites used to create 750 million fraudulent accounts

Zebra Technology’s Mike Zachman: Be a business enabler, not a hurdle

Lenovo’s Skip Mann: Exceptional security leadership like being a human Swiss Army knife

1,000 CISOs strong: How cross-company collaboration strengthens enterprise cybersecurity

Host Todd Fitzgerald reflects on 100 episodes of the CISO Stories podcast