The Business of Security Podcast discusses the business side of security, from finding work, the skills needed, and where and how to network, to sharing ideas, tips and advice on networking, technology, marketing, and tools you can use to successfully grow your security business. The podcast offers interviews with leaders in security talking about the state of the security business and how to brand your business to be successful by using marketing and social media tools. The goal of ...
This podcast focuses on many non-technical aspects of cyber risk, cyber security and information security at the intersection of technology and managing to business expectations. Guests include CIOs, CEOs, and CISOs discussing the many facets of the information security industry, what matters, what needs to change and how to deal with modern-day challenges in this dynamic industry.
#46 - Identity Orchestration and the Hidden Costs of Cybersecurity with Eric Olden, CEO at Strata Identity
28:41
As a CISO, could you be hemorrhaging cash without even knowing? Tune in to our discussion with Eric Olden, CEO of Strata, as we cast a spotlight on the potential costs of not tightening your cybersecurity, especially during cloud migration. We expose the financial pitfalls of operating outdated software, managing infrastructure, and rewriting appli…
#45 - The CISO is Not the Hero of the Story with Jeff Wheatman
45:51
Dive deep with us into the fascinating world of storytelling as it intersects with cybersecurity. We're debunking common myths and shedding light on the transformative power of organizational archetypes. Jeff Wheatman leads the discussion, challenging the stereotypical portrayal of the CISO as the central hero of cybersecurity. In a captivating twis…
#44 - Continuous Process Improvement with Nick Means
24:23
Nick Means has been leading software engineering teams for more than a decade in the healthtech and devtools spaces. His focus is on building distributed organizations defined by their cultures of high trust and autonomy. He’s also an international keynote speaker, having shared his unique brand of storytelling with audiences around the world. He w…
#43 - Partnering with Business Leaders to Build Your Security Program from Scratch
26:14
In this episode, we have a very special guest joining us to discuss the essentials of building a cybersecurity program from scratch. Allan Alford, the founder of Allan Alford Consulting, brings a wealth of experience and a unique perspective to the table. Since launching his boutique cybersecurity consulting practice at the end of 2019, Allan has b…
#42 - CIS Controls for Business with Valecia Stocchetti
38:36
The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. Join us as we discuss the impact that CIS Controls can have on your small to medium business. We dive into the mission of the Center for Internet Security, me…
#41 - Investing in Supply Chain Solutions with Marcus Bartram
25:28
Marcus Bartram is a General Partner at Telstra Ventures, a San Francisco-based VC firm that invests in mid-stage tech companies. He's on the founding team and has led investments in cybersecurity companies like CrowdStrike, Auth0, Anomali, Cequence, CloudKnox, Cofense, CyberGRX, Elastica, vArmour, and Zimperium. Hosts: Josh Bruyning, Sr. Solutions …
#40 - Mind the Tech Gap with Dr. Nikki Robinson
43:09
In this episode of The Business of Security, we discuss Dr. Robinson's upcoming book, Mind the Tech Gap, and how to manage the problem of low to non-existent collaboration between IT and Security teams. This conversation covers tools and techniques for creating a rich, collaborative environment for organizations in order to achieve security goals. …
#39 - Don't Fire the CISO, with Quentyn Taylor
36:22
Top tips for getting into the security industry and future-proofing your strategy. This podcast will focus on Quentyn’s long career in cyber security and how working for the same company for a long period of time has enabled him to build resilience and always think years ahead when executing a strategy. Quentyn has a wealth of knowledge exper…
#38 - Succession Planning, with John Checco
38:58
In this episode, guest John Checco, Resident CISO at Proofpoint, makes a compelling case for CISO succession planning. As John takes us through his journey as a CISO, we learn how companies factor skills, background, and strengths into their short to long-term succession plans. The average estimated tenure of a CISO is only 26 months. 85% of survey…
#37 – Leveraging Information Sharing To Protect Your Organization, with Bill Nelson
34:28
In this episode, guest Bill Nelson, CEO of the Global Resiliency Federation (GRF), talks about the GRF’s mission to help organizations in myriad industries share critical security threat information so they can all better defend themselves. Bill lays out the history of GRF – how it emerged from the work he did at FS-ISAC, where he grew membership f…
#36 – Sorting out CISOs, Deputy CISOs, BISOs, and vCISOs, with Wil Klusovsky
35:00
Join Chad and special co-host Allan Alford for an enlightening conversation with Wil Klusovsky, Global Cybersecurity Strategy, Governance, Risk & Compliance (SGRC) Offering Lead at Avanade. The three of them take on the sometimes confusing realm of CISOs, Deputy CISOs, Business ISOs, and virtual CISOs. In this episode, hear about: How responsibilit…
#35 – Business Resiliency with Gus Thompson
27:00
Join Chad and Malcolm as they chat with Gus Thompson, Consulting Managing Director at TruDoss, about business resilience. In this episode, hear about: How one breach of a company he previously worked for led them to learn and develop new principles of resiliency. How those principles and playbook helped them when they were hit with another brea…
#34 – SaaS Security Made Simple with Ben Johnson
39:16
In this episode, guest Ben Johnson, co-founder and CTO of Obsidian Security, discusses how he got into cybersecurity (after seeing the movie "Enemy of the State"), got into US intelligence, got tired of the polygraphs, and ultimately ended up co-founding Carbon Black. It's a fascinating journey! Today, Ben is focused on continuous security monitori…
#33 – IoT Security in the US Federal Government with Drew Spaniel
41:21
In this episode, guest Drew Spaniel walks us through the new law passed in late 2020, The IoT Cybersecurity Improvement Act of 2020 (HR 1668), and how it will affect not just US federal government procurement, but IoT device manufacturers and consumers as well. The Act calls for IoT devices to be secured by manufacturers based on NIST guidance and…
#32 – Do SMBs Need a CISO? – John Prokap, CISO
31:04
In this episode, guest John Prokap discusses the cyber security needs of small and mid-sized businesses, and if and when they need to hire a CISO. His discussion with hosts Malcolm and Chad covers: Why SMBs absolutely need a security program How and when to hire a vCISO, and when it's time to hire a full-time CISO How industry associations can help…
#31 - Miguel El Lakkis, CISO - Transitioning CISO Responsibilities
32:40
In this episode, we feature our guest Miguel El Lakkis. Miguel recently transitioned from News Corp to Cantor Fitzgerald, and in this process he describes the method commonly used by CISOs to properly transition a security program to a successor. We discuss the various aspects of a security program that may change over time and how to address const…
#30 - Hiring and Securing a Remote Workforce - Lucinda DuToit, VP of HR, Digineer
38:46
In this episode we discuss the process of recruiting, identifying culture fit and managing trust with a remote workforce and how these components impact the security profile of a company. The discussion begins with identifying an appropriate recruiting process for a remote workforce and measuring the appropriate candidates to hire in a remote workf…
#29 - Emerging Trends in IoT Cyber Security Regulation - Drew Spaniel, ICIT and James Russell, Paul Phillips of Microchip Technology
35:35
In this episode we invite special guests Drew Spaniel, Lead Researcher, Institute for Critical Infrastructure Technology (https://icitech.org), James Russell, Worldwide Group Leader, Wireless Connectivity Specialists and IoT Security Team, Microchip Technology (https://www.microchip.com) and Paul Phillips, Principal Embedded Solution Engineer, Micr…
#28 - Culture of IoT Cyber Security - Drew Spaniel, ICIT and James Russell, Microchip Technology
34:18
In this episode we invite special guests Drew Spaniel, Lead Researcher, Institute for Critical Infrastructure Technology (https://icitech.org) and James Russell, Worldwide Group Leader, Wireless Connectivity Specialists and IoT Security Team, Microchip Technology (https://www.microchip.com). In this episode we dive into the unique aspects of IoT Se…
#27 - Benny Lakunishok, CEO, Zero Networks - Sine Wave of Prevention, Detection and Response
41:46
On this episode of the podcast, Benny Lakunishok, Co-Founder of Zero Networks, joins Malcolm Harkins and Chad Boeckmann to explore the industry's continuous adoption and adaption of prevention -> detection -> prevention technologies. The group dives into the maturity of machine learning and where the industry is overall as well as how adoption of new…
#26 - John Brennan, Partner, YL Ventures - Investing and Managing Risk During COVID
45:26
In this episode, Malcolm Harkins and Chad Boeckmann speak with John Brennan, Partner at YL Ventures. This episode provides a perspective of how venture capital firms are reacting to and supporting their cybersecurity portfolio companies during an unprecedented pandemic in our modern time. In this episode we discuss trends of security teams and John…
#25 - Michael Lines, CISO and Entrepreneur - Overloaded Security Leader?
32:39
Overloaded Security Leader? In this episode Michael Lines joins Chad Boeckmann and Malcolm Harkins in a discussion about tactically prioritizing security efforts and what it means to get real traction. This episode explores supplier risk versus third-party risk and how this relates to overall business objectives and outcomes. Further discussion evo…
#24 - Jason Lish, Chief Security, Privacy, and Data Officer - Build or Buy Your Security Leader?
38:12
In this episode co-hosts Malcolm Harkins, Security and Trust Officer at Cymatic and Chad Boeckmann, CEO at TrustMAPP, speak with Jason Lish, Privacy, and Data Officer at Advisor Group about mentoring the next security leader and creating a back up for existing cyber security leadership. The discussion evolves into skill types, as well as organizati…
#23 - Malcolm Harkins, Security & Trust Officer, Cymatic - Obtaining Value from Cybersecurity
29:52
The podcast is back with fresh new content. In this episode Chad Boeckmann talks cybersecurity value, business engagement and contemplating risk versus measuring risk with Malcolm Harkins. The security team of course must align to the business but just as important the business must align with security. So how do we accomplish this? What approach i…
#22 BONUS EPISODE- Adam Stone, Privacy Officer, Secure Digital Solutions - CCPA (California Consumer Privacy Act of 2018) and Business Impact
42:13
In this episode Chad Boeckmann interviews Adam Stone about the new California Consumer Privacy Act of 2018 (CCPA). The discussion leads off with the comparison of GDPR to CCPA, covering some similarities and differences between the two. The latter half of the interview dives into a role-play of scoping a business for CCPA compliance. Adam guides our listener…
#21 - Kristin Judge, CEO, Cybercrime Support Network - Great Leadership in Cyber Security While Tackling Cybercrime
33:15
Kristin Judge brings a very interesting background in counseling, teaching, public service and leadership to drive cybersecurity awareness and learning to the masses. Ron Woerner and Kristin have a conversation about the qualities of a good leader and how this can translate into driving change and awareness across the cyber security landscape. Kris…
#20 - Bob Zukis - CEO, Digital Directors Network - Governing Cyber Risk on Corporate Boards
29:24
Bob Zukis, CEO of Digital Directors Network and Professor at USC Marshall School of Business, took time out of his busy schedule to talk about cyber risk and board awareness with Chad Boeckmann on this episode. Bob discusses the results of a panel survey from the NACD (National Association of Corporate Directors) annual summit in Washington DC rela…
#19 - Joyce Brocaglia - CEO, Alta Associates - Building Diverse and Competitive Teams in Cyber Security
38:20
Ron Woerner connects with Joyce Brocaglia, CEO of Alta Associates and Founder of Executive Women's Forum. Joyce covers the importance of investing in one's own career and how to grow into a leadership CISO role to gain the proverbial "seat at the table" with the business. Further discussion leads to describing the importance and approach to buildin…
#18 - Bill Marden - Director of Privacy and Compliance, New York Public Library - Privacy and Treasures
58:08
If you have written off your local library you may be underestimating the true value it can deliver that "automatically" brings you privacy. Take a journey on this very special episode to uncover the treasures The New York Public Library holds and also specific privacy rules around the use of any library's resources. Bill Marden is our guest and he…
#17 - George Finney, CSO, Southern Methodist University - 9 Habits To Be Cyber Secure
41:44
Information security poverty line - Ron and George discuss the segment of teams who can succeed and those who are handicapped. Diving deeper, George uncovers his current project for a book he is writing titled "9 Habits to Be Cyber Secure". Ron inquires with George about cultivating good habits for a community of professionals. As an industry we ten…
#16 - Allan Alford - CISO, Mitel Networks Corp - GDPR for Leaders
51:13
Are you ready? This is an action packed, information filled episode with Allan Alford the CISO for Mitel. Allan covers 4 key points to achieve GDPR "alignment" and takes us through the journey of accomplishing these four key phases as a CISO. Towards the latter half of the episode we dive into evolution of relationship between privacy and security …
#15 - Chris Hadnagy, CEO, Social-Engineer, LLC - Hacking the Human!
35:58
Chris Hadnagy joins Ron Woerner on this season 2 episode 6 titled Hacking the Human. A master of social engineering, Chris starts the episode with real-world scenarios that are interesting and entertaining, based on real-life social engineering exercises he has conducted. Further in the episode Chris shares valuable insight into understanding people and…
#14 - Ben Rothke, Senior Security Consultant, Nettitude - Securing Small-Medium Business
42:05
Ben Rothke joins Ron Woerner on this episode to discuss Ben's experience that led to his book titled Computer Security: 20 Things Every Employee Should Know (McGraw-Hill). Ben addresses the question "what has changed in 20 years" and also reviews some best practices that are very relevant today. Focusing security on the data is where the conversat…
#13 - Adam Shostack, President, Shostack & Associates - Real Business Value with Threat Modeling
34:31
Adam Shostack is the author of the book titled Threat Modeling: Designing for Security (Wiley, 2014). He also is a co-author of The New School of Information Security (Addison-Wesley, 2008). Adam is a veteran in the cyber security industry having spent over eight years with Microsoft where he focused on threat model tools and techniques. In this ep…
#12 - Tanya Janca, Senior Cloud Advocate of Application Security at Microsoft - Defining DevSlop
44:44
What is DevSlop, you ask? Tanya Janca takes us through the landscape of DevSecOps (application security in a DevOps environment) and compares this to more traditional approaches to security and application development lifecycles. Tanya addresses the requirements for a successful lifecycle process no matter the model and takes us through how to be succes…
#11 - Robert Baldi, Director of Cyber Security Audit, Equifax - Audit as a Security Partner and Line of Defense
40:47
Robert Baldi joins Ron Woerner on the Business of Security Podcast Series for a discussion about Cyber Security Audit and using the audit capability as a way to leverage change and enhance overall security performance. Robert joined Equifax in 2018, in the wake of the massive 2017 data breach there. Robert discusses using a mathematical formula for…
#10 - Introduction to Season 02 - Ron Woerner and Chad Boeckmann
29:22
Chad Boeckmann and Ron Woerner discuss the theme of Season 2 podcast, upcoming guests and also share some of their own experiences over many years in the cyber security industry. Topics include the important skills the industry still needs and where the emphasis should be for upcoming professionals. We also discuss the definition of "Security Groun…
BONUS: Cyber Security in Healthcare and Spring NH-ISAC Recap
25:16
Aaron Pritz of Aaron Pritz & Associates (www.aaronpritz.com) sits down and talks with us about cyber security in healthcare and common threads from the May 2018 Spring Summit of NH-ISAC. This conversation evolves into data breach management, incident response readiness. This discussion goes into managing risk as an ongoing activity to maintain appr…
#09 - Barry Caplin, Leadership Partner, Gartner - Learning the Business of Business
54:46
Barry sits down with us and discusses his long tenure in the industry, from CISO for a government entity to CISO for a healthcare entity. The conversation transforms into how similar security challenges are across all industries. For CISOs to be effective it is important to learn the business of business. We dive into the variables of presenting to…
#08 - Robert Wood, CSO - Becoming an Empathetic CISO
45:22
Robert Wood, CSO at SourceClear (acquired recently by CA Veracode), speaks about becoming an empathetic security leader for the business. Exploring context for different perspectives across the business given a variety of responsibilities and stakeholders across an enterprise landscape. Author: Business of Security/Robert Wood, CSO
#07 - Jason Meszaros, Security Manager, MN Twins Baseball - Operating (and Securing) a Major League Ball Club
39:27
Sitting down at Target Field in Minneapolis patiently waiting for the season to kick in full speed we caught up with Jason Meszaros of the Minnesota Twins Baseball Club. There is a lot of content packed into this episode including IoT, Big Data, Security Intelligence and enhancing business value through innovation. The examples set by Jason in this…
#06 - Sharon Smith, Strategic Security Advisor - Defining Success as a Security Leader
45:28
Sharon Smith from C-Suite Results speaks about her experience providing security leadership to companies and lessons learned through these interactions. The discussion evolves from presenting meaningful information for business leaders to negotiating a CISO's reporting structure prior to accepting the job offer. You won't want to miss this engaging…
#05 - Chris Veltsos (Dr.Infosec) - Grooming Future CISOs and Healthy Skepticism
41:41
We connect with Christophe Veltsos, Cyber Risk Strategist for Prudent Security, on the current curriculum of cyber security in colleges and universities, how to groom up-and-coming CISOs, and what a successful CISO in the future looks like. Together we delve into healthy skepticism for Boards and the C-Suite and why this is a healthy level of skeptici…
#04 - Loren Dealy Mahler, President - Crisis Communications in Cyber Security
45:09
We continue our dialogue around cyber security response and dive deep into crisis communications when dealing with a negative cyber event. Loren Dealy Mahler speaks with us about her experience managing multiple audiences with her work on Capitol Hill and how this translates into the private sector. We dig into the importance of planning and also t…
#03 - Charlie Langdon, CEO - A Public Company CEO Perspective on Cyber Risk
46:51
In EP#3 we speak with Charlie Langdon, CEO of Vault Data, a cognitive software company. Charlie has tenure from companies such as GE, NEC, Active Voice and is an author and advisor. In this episode we hear a CEO's perspective on managing cyber risk and relate this to how Equifax executives could have handled the breach. We also explore how security …
#02 - Wayne Sadin CTO - Board Perspective and Qualified Technology Expert
35:23
We begin the conversation with Wayne Sadin (who is an NACD Board Governance Fellow) about his role at Affinitas Life. Wayne offers both a technology leadership perspective as well as a Board of Director perspective on cyber risk and cybersecurity. Wayne introduced us to the concept of a QTE (Qualified Technology Expert). Wayne brings to us a much n…
#00 - Business Of Security - Introduction To Podcast
1:56
This is a short introduction describing the Business of Security podcast series with Chad Boeckmann and Ed Snodgrass. If you are wondering what this podcast is about, listen to this! Author: Business-Of-Security
#01 - Alex Wood CISO - Practical Security
25:35
In this inaugural episode of Business of Security, we caught up with Alex Wood at the Minneapolis SecureWorld Conference. Alex is the Chief Information Security Officer of Pulte Financial and co-founder of podcast Colorado=Security. Alex shares with us how he got into the industry, his thought process and approach to managing security within an org…
How to Use Social Media for Your Security Business
24:00
Security business owners that use social media have to do more than just “be on” social media networks in order to grow their business. There are so many ways in which to use the tool of social media. There is more to social media than casually chatting with friends or sharing news items ad infinitum. In this podcast episode, I share several ways in w…
Social media is a driving force when used effectively for all types of business, including security and executive protection services. You’ve identified your goals, found your market, you are sharing and creating valuable content for potential customers, marketing your products and services. You’re interacting with comments and monitoring what is b…