CISO Stories Podcast (Audio)

225 episodes — Page 3 of 5

The Company's Lawyer is Not Your Lawyer – Legal Self Defense - Larry Dietz - CSP #125

Joe Sullivan has shown all of us that CISOs are on the front lines when it comes to breaches and their legal aftermath. Unfortunately, most CISOs are not attorneys and may not understand the rules of engagement with law enforcement to the point where they may find themselves in legal jeopardy for 'doing the right thing'. Join Larry Dietz, longtime cybersecurity professional, attorney and retired US Army Colonel, and Todd Fitzgerald for a lively discussion on how to prepare for the legal ramifications of security incidents. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp-125

Jun 6, 2023 · 27 min

Are We Thinking in the Right Way as CISOs? - Sajan Gautam - CSP #124

CISOs want to enable the business. But sometimes we must stand our ground and explain our position with rationale. So, how do we convince other people to act without telling them their baby is ugly? Join us, as we discuss having difficult conversations. Show Notes: https://securityweekly.com/csp-124

May 30, 2023 · 23 min

Using Data to Estimate Cyber Risk Financial Implications - Paul Sand - CSP #123

The CISO who can speak to the financial implications of cyber risk will be able to successfully work amongst the C-suite and in the board room to prioritize and address cyber initiatives. Building a view of the financial implications of those risks based on real data enhances not only the CISO's decision-making ability but also the CISO's credibility with stakeholders. Join us as we take a look at how industry and enterprise data sources can be leveraged to build a view of the financial implications of cyber risk to set the stage for making quality decisions. Show Notes: https://securityweekly.com/csp123

May 23, 2023 · 24 min

SEC Cybersecurity Risk Governance Requirements - Christopher Hetner - CSP #122

In April, the SEC is expected to finalize new rules on cybersecurity. The rules will require every publicly traded company to file disclosures with descriptions of their security strategy, governance, and risk management. Companies will need to explain to shareholders how they assess cyber risk, describe their security policies, and demonstrate a significant level of board oversight on cybersecurity issues. The SEC rules are qualitatively different from existing cyber regulatory frameworks, such as HIPAA and PCI DSS, which skew toward enforcing technical controls handled by the IT department. The SEC rules, in contrast, demand that C-suites and boards get more involved and demonstrate a strategic approach to managing cyber risk. Show Notes: https://securityweekly.com/csp122

May 16, 2023 · 26 min

Cyber-Local: City of Chicago Cybersecurity Mission - Bruce Coffing - CSP #121

All CISO roles are challenging. CISOs of large municipalities face many of the same risks with a unique set of challenges to overcome. Join us for a conversation about the rewarding experience of leading a government cybersecurity program for the nation's third largest city. Show Notes: https://securityweekly.com/csp121

May 9, 2023 · 29 min

Establishing and Enrolling Others in a Cybersecurity Vision - Joey Johnson - CSP #120

Writing a cybersecurity strategy is an essential role of the CISO. How do you keep the strategy from becoming outdated? Shelfware? Not in line with the business? Join us as Joey articulates his techniques for gaining stakeholder adoption of the strategy. Show Notes: https://securityweekly.com/csp120

May 2, 2023 · 24 min

Leadership Lessons Learned and Preparing your CISO Successor - Dave Estlick - CSP #119

Obtaining our first CISO role is an exciting and challenging experience at the same time. At some point, we will move on to another company. How have you prepared the person who needs to take your role? What knowledge and experience are you sharing with the next in line? Join Dave, as he has some great leadership lessons, approaches and tips for helping the next CISO and the organization. Show Notes: https://securityweekly.com/csp119

Apr 25, 2023 · 35 min

From Nothing to Something: Overcoming Hurdles - Larry Whiteside Jr - CSP #118

Everyone has a struggle or hurdle they will face. Your outcome is largely determined by your approach. Does this mean you will get OVER every hurdle? No. But sometimes, you can go around it or under it and still reach your final destination. Show Notes: https://securityweekly.com/csp118

Apr 18, 2023 · 33 min

20 Years of GRC: What Have we Learned? What is Next? - Michael Rasmussen - CSP #117

Ensuring organizations have the proper governance, risk and compliance (GRC) practices is essential to ensuring risks are appropriately mitigated. Join us as we discuss the interconnectedness of risk, the process of GRC, and Michael's thoughts on how to improve the process. Show Notes: https://securityweekly.com/csp117

Apr 11, 2023 · 24 min

County Government Cyber: Don't Let the Roadblocks Stop You ft. Michael Dent & Richard Greenberg - CSP #116

How is County Government Security different from company cybersecurity? Is it difficult to get funding and attract resources? What are the advantages to working in County government cybersecurity? Join two experienced County Government CISOs, with experience in leading cybersecurity in two of the largest counties in the U.S., Fairfax County and Los Angeles County. Show Notes: https://securityweekly.com/csp116

Apr 4, 2023 · 31 min

Connecting with Higher Education: New Talent at the Source - Fred Kwong - CSP #115

Finding cyber talent is difficult in today's market. At a time when cyber salaries are high, working with universities to tap into the new cyber workforce is something all companies should be looking at. Today we will explore how to work with universities to bring talent to your organization. Show Notes: https://securityweekly.com/csp115

Mar 28, 2023 · 29 min

Security vs. Operations – Balancing the Risk - Ross Leo - CSP #114

The role of CISO is one filled with challenges and decisions. Frequently, a CISO is faced with having to decide in compromise with Operations, in favor of Operations. This can be a very difficult and risky choice to make - but the ideal of having both get 100% of what they want or need is not realistic. How to do this? In this session, we discuss how to analyze both POVs, both sets of requirements and issues, and reach optimal decisions that, hopefully, achieve a balance between these without amplifying risk. Show Notes: https://securityweekly.com/csp114

Mar 27, 2023 · 27 min

The Rise of the Chief Product Security Officer - Jason Christman - CSP #113

Cybersecurity is becoming a #1 business risk for many organizations. For CISOs to effectively manage this risk, proper strategy, adequate resourcing, and leadership support are all essential, but not enough. CISOs need a trusted partner on the supplier side, a product CISO, known within industry as a Chief Product Security Officer, who understands customer risk, drives secure product design and development, and manages cyber support across the lifecycle of software products and connected solutions. Manufacturers around the world are investing in the Chief Product Security Officer role to elevate and mature their product security program. Show Notes: https://securityweekly.com/csp113

Mar 14, 2023 · 26 min

Leading Cybersecurity with Purpose - Nicole Darden Ford - CSP #112

Now more than ever, the significant demand for cybersecurity professionals serves as an opportunity to align with your organization's DE&I priorities. Building a diverse and inclusive workforce is achievable and begins with intentional leadership. Learn from a cybersecurity leader's successful track record and how to stand by your organization's greatest asset. Show Notes: https://securityweekly.com/csp112

Mar 7, 2023 · 31 min

Business Ethics and the CISO - Troy Stairwalt - CSP #111

As risk practitioners, CISOs make risk vs reward decisions on a daily and sometimes hour by hour basis. As a profession we must understand our organization's risk tolerance and appetite as well as our own. Regulations are lagging indicators. SOX was established as a direct response to unethical behavior. Unfortunately, regulations in cybersecurity and data privacy are also "lagging indicators" that organizations "left to their own device" have failed to allocate sufficient reasonable cost-effective resources to mitigate the significant risk in prudent ways that place the organization in a position to demonstrate both due diligence and due care in a worst-case scenario. CISOs must: 1. Understand your organization's risk tolerance and appetite. 2. Know your own risk tolerance and appetite as well as your personal code of conduct and ethics. 3. Build and maintain your "rainy day", emergency or as my more colorful colleagues refer, FU funds. 4. Find your calm, peace and happiness. These days, mine is Yoga and Meditation. What is yours? 5. To avoid stressful days and sleepless nights, maintain our integrity and sense of humor! Show Notes: https://securityweekly.com/csp111

Feb 28, 2023 · 27 min

100 CISO STORIES Podcasts, What Did we Learn? - CSP #110

The successful CISO STORIES podcast started by interviewing the 75 contributors to the #1 Best-selling (2019-2022) and 2020 CANON Cybersecurity Hall of Fame Winning CISO roadmap book CISO COMPASS: Navigating Cybersecurity Leadership with Insights from Pioneers. These 25–30-minute podcasts have brought many issues to life, leveraging the experience of CISOs and other top security industry leaders. This podcast interviews the show host and reviews some clips from some of the more memorable episodes. Show Notes: https://securityweekly.com/csp110

Feb 21, 2023 · 32 min

2023 CISO Cybersecurity Priorities - CSP #109

Every year brings new challenges in protecting our companies and nations from threat actors. Join our conversation with key CISOs as we look back at 2022 and review some of the key learnings, and look ahead with a laser focus on 2023 priorities for cybersecurity. This segment is sponsored by Wiz. Visit https://securityweekly.com/wiz to learn more about them! Show Notes: https://securityweekly.com/csp109

Feb 14, 2023 · 59 min

2023 NFL Superbowl: Year-Long Cybersecurity Preparation - Tomás Maldonado - CSP #108

With over 112 million viewers tuning into the Superbowl in 2022, it is arguably the most watched televised event in the USA, with many fans globally. Whether watching for the NFL game of the year, the Superbowl Ads, or the incredible half-time shows, one can appreciate the complexity in managing security and cybersecurity for this large event. Join us as the CISO for the NFL discusses the complexity of ensuring an event like this, and efforts to maintain the confidentiality, integrity, and availability for the millions of end users expecting to see the game of the year. This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp110

Feb 7, 2023 · 30 min

The Trends & Future with Cloud (PaaS & IaaS) - Erik Hart - CSP #107

Join Erik Hart, CISO at Cushman & Wakefield, and Eden Naftali, CTO Operations at Wiz, for a discussion around key trends in the cloud with the rapid pace of innovation and new technologies in IaaS and PaaS. This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp110

Jan 31, 2023 · 20 min

Cybersecurity in a 5G World - Timothy Youngblood - CSP #106

While 5G has been designed with specifications and capabilities that make it more secure than previous generations, 5G is also being deployed in a more complex threat landscape that continues to grow and evolve. How do we transform cybersecurity across the enterprise to reduce risk, particularly within a hybrid and distributed workforce? And how can new innovations in 5G, Artificial Intelligence, Cloud Technologies, Cryptography and more help us better predict attacks and prevent breaches? This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp106

Jan 24, 2023 · 27 min

Dear Auditor: Why is this a high risk finding? Can we talk? - CSP #105

CISOs often have a love/hate relationship with auditors, as it is the auditors that are placing judgment on the adequacy of company cybersecurity controls. Join this session from the perspective of an IT Audit leader and former CISO, as to how to view the auditors and strengthen the cybersecurity program amid adversity. Show Notes: https://securityweekly.com/csp105 This segment is sponsored by Wiz.

Jan 17, 2023 · 30 min

Inclusive Leadership for CISOs Now! - CSP #104

The skills that got us to the CISO seat are not all we need to lead our teams and companies now. Inclusive leadership is bigger than just building a diverse team, it's knowing how to lead and develop others. This discussion engages further on the topic of cybersecurity leadership development, blind spot detection and adapting to changing business needs. Show Notes: https://securityweekly.com/csp104

Jan 10, 2023 · 27 min

The Future is Here – Now What? - Patti Titus - CSP #103

The convergence of quantum computing, artificial intelligence, machine learning and material fabrication is allowing innovation to take place in weeks versus years. What are the security implications and how should CISOs be thinking and planning for the transformation in our security capabilities to meet these new demands? This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp103

Jan 3, 2023 · 29 min

CISO Soft Skills Will Make or Break You! - Robert Wood - CSP #102

Cybersecurity is so heavily focused on technical topics, but it's the soft skills that can make or break a person. Whether you're negotiating a budget, trying to persuade another team to prioritize security patches, or collaborating with another team on a product feature, soft skills will make a security team and the individual professional more impactful. This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp102

Dec 27, 2022 · 28 min

Security Top of Mind: Key Learnings from 2022 & Thoughts on 2023 - Ryan Kazanciyan - CSP #101

Join Ryan Kazanciyan, CISO at Wiz (previously Meta, Tanium, Mandiant), and Raaz Herzberg from Wiz for a discussion on core security challenges we saw in 2022 and what should be top of mind for companies and security teams as they head into 2023. This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp101

Dec 20, 2022 · 25 min

Cybersecurity Myths & Misconceptions: Avoiding the Pitfalls - Eugene Spafford - CSP #100

Many people working in cybersecurity fall victim to myths, advertising hype, and misconceptions about fundamental concepts. The speaker has recently coauthored, with two distinguished colleagues, a book that is intended to dispel some of the common myths and provide information about how to better cope with the changing environment of cybersecurity. Spafford, E. et al. 2022. Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls That Derail Us. 1st Ed. Available for Pre-Order on Amazon.com. This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp100

Dec 13, 2022 · 26 min

Build a Cybersecurity Vision and Strategy They Can Visualize - Jason Clark - CSP #99

Cybersecurity leaders are evaluated by their ability to build and sell a strategy that meets the needs of the organization. Listen to Jason's experience in creating an impactful vision and cybersecurity strategy executive management can embrace! To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://files.scmagazine.com/wp-content/uploads/2022/11/CISOSTORIES_JasonClark_Article.pdf Clark, J. 2019. Building a Security Vision and Strategy. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. . Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp99

Dec 6, 2022 · 25 min

What is a vCISO? What Do They Do? Does Having One Make Sense? - Michael Phillips & Matthew DeChant - CSP #98

Gartner says, "Organizations who recognize the value of a security leader but can't afford a traditional CISO should consider virtual options. "With a current total cash compensation ranging from $208K to $337K, hiring a chief information security officer (CISO) may not be in the budget for small or midsize organizations, especially those that aren't heavily regulated. Join 2 CISOs that have taken the plunge into the world of being a vCISO, as they share their experiences. This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp98

Nov 29, 2022 · 30 min

SMB vs Large Infosec: Different Approaches Required! - Dane Sandersen - CSP #97

Are you a Small or Medium Business (SMB) or a Large Business grappling with infosec challenges? Dane moved from a large, well-funded organization to a smaller organization which accelerated global business growth during his tenure! Join us as we discuss these differences and how to adapt to the different environments. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://files.scmagazine.com/wp-content/uploads/2022/11/CISOSTORIES_DaneSandersen_Article.pdf Sandersen, D. 2019. Moving From a Large Company to Small-Medium-Sized Company as CISO. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 484-485. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp97

Nov 22, 2022 · 24 min

How the CISO can Make the Biggest Impact for the Company - Tim Callahan - CSP #96

Information Security is often seen as a cost center and drain on the revenue of a company. It may be seen as necessary to protect the company, but the value is not always understood by leadership and peers to the CISO. Taken from personal experience, in this talk, we will explore some suggestions on how CISOs can bring and show value to their companies. Show Notes: https://securityweekly.com/csp96

Nov 15, 2022 · 28 min

The Value of Cyber Defense Competitions in Building a Strong SOC - Brian Wickenhauser - CSP #95

The Security Operations Center is often the first line of engagement for security incidents. It's essential that SOC teams are planned, practiced, and prepared to act. One of the best ways to do that? Cyber Defense Exercises. Join us as we discuss how these work and the value to the program. Show Notes: https://securityweekly.com/csp95

Nov 8, 2022 · 22 min

Surviving and Thriving in the CISO Role for the Long Run - Jim Cameli - CSP #94

The average tenure of a CISO is 18 Months to 5 years, depending upon the research. Learn from a CISO who has been employed by the same organization for almost 4 decades! Learn as Jim shares some of his key learnings as he has worked with an organization that has gone through many changes during his tenure, and some ideas to add to your own CISO career strategy. Show Notes: https://securityweekly.com/csp94

Nov 1, 2022 · 31 min

Approaching Cloud Security from a Cloud-Native Perspective - Josh Dreyfuss - CSP #93

What is the best way to approach cloud security as the cloud environment evolves and what should security leaders consider as they think about scaling their security? Join us to learn about how CISO of Wiz, Ryan Kazanciyan thinks about cloud security from a cloud-native perspective, what makes securing your cloud infrastructure so challenging, and what makes your cloud security posture "good"? This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp93

Oct 25, 2022 · 20 min

NIST Privacy Framework 101 - Dylan Gilbert - CSP #92

The NIST Privacy Framework is a voluntary tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals' privacy. Join the leader of the NIST development team to learn about why the framework was created, how it can be used, and the resources available. NIST Privacy Framework, https://www.nist.gov/privacy-framework Show Notes: https://securityweekly.com/csp92

Oct 18, 2022 · 31 min

Cybersecurity Leadership Through Adversity - Marc Varner - CSP #91

The Covid-19 pandemic caused many organizations to quickly pivot to a remote environment, while for others, this was more business as usual and simply acquiring more VPN licenses. Marc has led technology risk management/security for several large companies, experiencing even more impactful changes. How do you lead through this adversity? How do you get the organization to change? Join us as Marc shares his experience. This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp91

Oct 11, 2022 · 26 min

2022 DBIR Trends: Ransomware, Remote Work, Threat Actors...Oh My! - Chris Novak - CSP #90

Chris has been a contributing author to the industry-recognized Verizon Data Breach Investigations Report (DBIR) since its inception (2008), a report which provides valuable information for CISOs on current trends and mitigation approaches. Join Chris as he reviews this year's (2022-2023) key trends with Ransomware, COVID-19 Remote Working impacts, threat actors, and risk mitigation. 2022 Data Breach Investigations Report, Verizon. https://www.verizon.com/business/resources/reports/dbir/ This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp90

Oct 4, 2022 · 32 min

Are CISOs Experiencing a Mental Health Crisis? - Shamla Naidoo - CSP #89

CISOs have a stressful job, due to the many threats, unknowns and high expectations. How does this impact mental health? Is this different from other leadership roles? Should you discuss with your company? Join Shamla who has held several Fortune 100 CISO roles, as she discusses several approaches to this real issue. Naidoo, S. 2022. The Looming CISO Mental Health Crisis – and What to Do About it – Part 1. Dark Reading (Jan 28). https://www.darkreading.com/edge-articles/the-looming-ciso-mental-health-crisis-and-what-to-do-about-it-part-1 Naidoo, S. 2022. The Looming CISO Mental Health Crisis – and What to Do About it – Part 2. Dark Reading (Jan 31). https://www.darkreading.com/edge-articles/the-looming-ciso-mental-health-crisis-and-what-to-do-about-it-part-2 This segment is sponsored by Wiz. Show Notes: https://securityweekly.com/csp89

Sep 27, 2022 · 29 min

The NIST Cybersecurity Framework Explained - From Its Leader - Matthew Smith - CSP #88

The NIST Cybersecurity Framework simplifies the language of Cybersecurity across the organization. Learn from the person who led the contracting team for the development of the NIST Cybersecurity Framework what the framework is all about and how it can reduce risk to the organization. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/08/CISOSTORIES_MatthewSmith_Article.pdf Smith, M. 2019. Using the NIST Cybersecurity Framework in an International Setting. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 239-240. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. This segment is sponsored by Wiz. Visit https://securityweekly.com/wiz to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp88

Sep 20, 2022 · 24 min

Should we be Concerned About Quantum Computing and Cybersecurity Now? - Richard Rushing - CSP #87

There has been much discussion lately about Quantum Computing and the future threats to encryption and authentication it could cause. Should CISOs be worried? Are there steps that should be taken now? Join us as we discuss Quantum computing and the implications for the CISO – today. This segment is sponsored by Wiz. Visit https://securityweekly.com/wiz to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp87

Sep 13, 2022 · 29 min

Are Cryptocurrencies to Blame for the Increase in Ransomware Attacks? - Bob Seeman - CSP #86

Fortunes have been gained and lost through Bitcoin and other cryptocurrency purchases. Ransomware paid in cryptocurrency is rarely recovered. Should CISOs get involved in promoting regulation of cryptocurrency? Would this reduce the number and amounts paid in ransomware attacks? Join the author of "The COiNMEN", who has extensively researched cryptocurrencies and promoted policy changes, as he shares his views. Segment Resources: Letter in Support of Responsible Fintech Policy, www.concerned.tech "The Coinmen" is on Amazon at https://www.amazon.com/dp/B09SL16P5Y. This segment is sponsored by Wiz. Visit https://securityweekly.com/wiz to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp86

Sep 6, 2022 · 30 min

Cyberinsurance & the CISO: What You Need to Know - Bryan E. Hurd - CSP #85

As ransomware wreaks havoc on our systems and information, more companies are transferring some of the risk through Cyber Insurance. What technologies are cyber insurance companies looking to have in place? How are insurance companies setting the premiums? Join Bryan as he shares his extensive cyber counterintelligence and forensic experience in supporting CISOs to navigate cyberinsurance carriers. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp85

Aug 30, 2022 · 31 min

The Positive Power of Community Engagement - Ron Hale - CSP #84

Ron has seen the CISO role emerge over as a senior executive at ISACA. Join us as Ron shares the necessity of the CISO getting out of the office and the types of forums that are most beneficial to the CISO, based upon his decades of experience in enhancing the CISO profession. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/08/CISOSTORIES_RonHale_ArticleV2.pdf Hale, R. 2019. The Positive Power of Community Engagement. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 270-1. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp84

Aug 23, 2022 · 23 min

The CEO Won't Wear a Security Badge? Try This! - John Ceraolo - CSP #83

What do you do if the most senior person in your organization, the CEO, refuses to wear security badges, an essential control for identifying associates and restricting physical entry? Listen as John uses creativity to win the heart and mind of the CEO to embrace and become a strong advocate of the security awareness program! To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/08/CISOSTORIES_JohnCeraolo_ArticleV2.pdf Ceraolo, J. 2019. Listening and Using Creativity in Your Security Program. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 371-2. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. This segment is sponsored by Wiz. Visit https://securityweekly.com/wiz to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp83

Aug 19, 2022 · 24 min

Have we Forgotten About the Basics? - Benjamin Corll - CSP #82

Go to any security conference today and there is a plethora of new products to prevent, detect and respond to the current threat environment. But are we missing something? Is there a less expensive and more tactical way to approach security? Join Benjamin as we review what some of the key basics are that should be in place before investing in higher-end technology. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp82

Aug 9, 2022 · 27 min

Using MindMaps to Strengthen Cybersecurity - Michael Wilcox - CSP #81

CISOs, security leaders and their teams must consume a large amount of information from many sources to remain effective. How does the CISO organize unstructured information? How does the CISO brainstorm? How does the CISO collaborate? Mind Mapping is a very effective tool to generate ideas quickly and was also used to create the CISO COMPASS book! Learn from a CISO who uses Mind Maps™ for just about everything! To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/07/CISOSTORIES_MichaelWilcox_Article.pdf Wilcox, M. 2019. Mind Maps™ Effective Method for Organizing Cybersecurity Information In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 80-81. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp81

Aug 2, 2022 · 30 min

How to Talk With Your Lawyer - Mark Daryl Rasch - CSP #80

A lawyer can be the CISO's best friend and advocate for cybersecurity investments. Are you frustrated with a lawyer's answer of, "it depends?" Lawyers have a different thought process than many CISOs when applying the law. Join this session from a notable cybersecurity lawyer on the differences in language and how to best take advantage of the legal expertise available to support the mission. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/07/CISOSTORIES_MarkDRasch_Article.pdf Rasch, M. 2019. How to Talk to Your Lawyer. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 317-318. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp80

Jul 26, 2022 · 24 min

Insider's View of the CISO Search - Joyce Brocaglia - CSP #79

Companies clearly want to hire the best candidate for the CISO Role. Where best to learn, but from someone who has been successfully recruiting Security Leaders for over 35 years? Learn from the guidance Joyce provides to her clients when hiring for the CISO role. Joyce also discusses salaries, reporting relationships, and skills necessary today. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/07/CISOSTORIES_Joyce_Brocaglia_Article.pdf Brocaglia. 2019. An Insider's View of the CISO Search In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 33-35. Fitzgerald, T. CRC Press, Boca Raton, Fl. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp79

Jul 19, 2022 · 31 min

Solarwinds From the Inside: The Breach and the Aftermath - Tim Brown - CSP #78

The Solarwinds breach raised the visibility of Software supply chain risks, as many organizations employ third party software with potential access to sensitive information. Join the CISO of Solarwinds as he discusses what happened during the attack, the lessons learned, the mitigations employed after the attack, and excellent, transparent actions for organizations to manage software development and distribution processes. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp78

Jul 12, 2022 · 29 min

Protecting Your Intellectual Property - Michael Boucher - CSP #77

As CISOs embark on implementing an Intellectual Property protection effort, they are often met with resistance, being challenged as to the necessity of the effort. Join Michael as he shares his experience in winning the support for his efforts to properly classify and secure the information and systems. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/07/CISOSTORIES_MichaelBoucher_Article.pdf Boucher, M. 2019. Data Protection: Security Intellectual Property In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 371-2. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp77

Jul 5, 2022 · 23 min

Achieving a Competitive Advantage Through Privacy By Design - Ann Cavoukian - CSP #76

Join the former Privacy Commissioner of Ontario, Canada and creator of PrivacyByDesign (PbD), which has been translated into 40 languages, incorporated into the General Data Protection Regulation (GDPR), and used by many organizations to proactively "bake-in" privacy into our systems. Every CISO needs to pay attention to and support the various country privacy laws. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/05/CISOSTORIES_AnnCavoukian_Article.pdf Cavoukian, A. 2019. Lead with Privacy by Design for Competitive Advantage. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 270-1. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp76

Jun 28, 2022 · 22 min