Talking Cyber Security

Richard completes his interview with Security Culture and Awareness Lead Daisy Wong. The discussion covers many topics. By all means - Join 'The Australian CISO' LinkedIn group for upcoming downloads of information. Feel free to join 'The Australian CISO Community' WhatsApp group to share ideas with people willing to help us all.

At BSides Melbourne 2023, I had the pleasure of interviewing security awareness superstar Daisy Wong. This is Part 1 of 2.

This is the continuation of the previous episode recorded at BSides Melbourne 2023, where we discuss everything and anything with well known security personality, Nigel Phair.

In Part 1, listen to Richard and Nigel 'free flow' with their conversation about Security which covers a variety of topics including BSides, CREST, Nigel's journey through Security, Board involvement, and Risk Management.

Day 1 and Day 2 walk through of the magnificent BSides Melbourne 2023 hosted by SEEK.

Day 1 of BSides Melbourne 2023 with Lukasz Gogolkiewicz from SEEK.

Richard describes some of Kevin Mitnick's life. Unfortunately, we lost the world's greatest social engineer in July 2023.

Darren Arnott, Head of Cyber Security and Operations at Trusted Impact and author, speaks to Richard about all things security. Darren has also written a fascinating book titled, "No regard for the truth".https://darrenarnott.com/

Richard discusses an easy way to show value to the Board.

Hear the great aspects and pitfalls of being a CISO.

Richard briefly touches on Board Reporting before getting stuck right into the questions YOU need to ask your new company in the first 30 days.

Richard addresses a listener's request to provide them with 5 quick wins once you start in a new Security role. Richard provides 5 and a few more...

Richard discusses Risk Management and how most of us have probably been applying it incorrectly. In other news, Richard's back from interstate talking with customers and security people. And of course, Richard announces a surprise during the podcast.

This is a wake up call to CISOs, Head of Security and Security Managers. The podcast contains a rundown of some really important tasks you really need to consider...NOW!

How would you answer these 3 questions - How do you determine whether a CISO is doing a good job? What 5 questions would you ask a CISO at an interview and how would you answer them? What advice would you give a CISO? Listen as Richard relays an associate's answers to these 3 questions. The ending will surprise you!

Hear the common questions asked at a CISO or Head of Security interview with suggested answers. Hopefully these hints will help you get that job!

In Part 1 of "CISO Interviews", this episode provides guidelines for applying for CISO/ Head of Security roles. Following these guidelines will optimise your chances of being interviewed for a CISO or Head of Security position. Tune in to Part 2 to help you prepare for the interview!

In December 2013, Target US experienced a significant data breach. 70 million customer records and 40 million credit and debit records were exfiltrated. Richard walks through the findings from 2013, and asks listeners to consider whether they have addressed the vulnerabilities that gave rose to the 2013 breach. [email protected]

Listen to Richard interview Veronica Hall as she recounts her journey from Engineer to Audit to Security while assisting listeners on their journey through Security.

In this episode, Richard provides - detailed advice how to map out your security career to achieve your goal(s) quicker and provides criteria to help you analyse potential roles against your set goal(s). This episode is a must for ambitious security personnel. At the end of the episode he summarises both approaches.

In this episode, Richard discusses the merits of 3rd Party Questionnaires and has a "call to action" regarding a Personally Identifiable Information Data Security Standard (well...legislation really). Richard also gives listeners a "heads up" on a future episode regarding 2 phone calls he recently received...the analysis of which will help you realise whether you are on the 'right path'.

Episode 3 of The Australian CISO continues on from the previous episode that described a surprise "Red Team-Blue Team" penetration test. This episode walks through the "attack" and highlights the low cost, highly effective controls that every organisation could benefit from. This episode is a must if you want to strengthen your environment.

This episode delves into the world of the surprise penetration test. Is it a good approach or is it better to let everyone know that you are about to conduct a penetration test? i.e. if no-one knows about it, then the "attack" will be handled as it should. That is unexpected and using all the people, processes and technology that one would expect when an attack occurs...a good test of the organization's ability to respond and recover.Does the surprise attack pose problems though? What can go wrong?Listen to this episode where someone's decision to conduct a surprise penetration test had deep consequences.

The trailer episode introducing all listeners to The Australian CISO podcast.