Artwork

Treść dostarczona przez Adopting Zero Trust. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Adopting Zero Trust lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !

Navigating the Ever-Changing Landscape of Cybersecurity Regulations With Lacework and Drata

30:10
 
Udostępnij
 

Manage episode 421133229 series 3462572
Treść dostarczona przez Adopting Zero Trust. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Adopting Zero Trust lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.

Season 3, Episode 7: Though regulation impacting cybersecurity moves slow, when new laws are introduced it often puts significant strain on companies. Lacework’s Tim Chase and Drata’s Matt HIllary discuss navigating the latest broad-sweeping regulations.

Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here.

The time between a law being proposed and going into effect may feel like a snails pace, but for cybersecurity and GRC professionals, it may feel like the DNA of an organization may need to change. This week we chat with cybersecurity leaders Tim Chase from Laceworks and Matt Hillary of Drata who delve deep into the ever-evolving landscape of cybersecurity regulations. They explore topics such as the challenges of rapid incident reporting, the role of collaboration in the industry, and the emerging onslaught of AI-related laws and proposed bills.

This Week’s Guests

Tim Chase, Lacework’s Global Field CISO

With over 15 years of experience in the cybersecurity industry, Tim is a Global Field CISO at Lacework, a leading cloud security platform. Tim holds CCSK, CISSP, and GCCC certifications and has a deep understanding of product security, DevSecOps, application security, and the current and emerging threats in the cybersecurity landscape.

Matt Hillary, Drata’s CISO

Matt Hillary currently serves as VP, Security and Chief Information Security Officer at Drata. With more than 15 years of security experience, Matt has a track record of building exceptional security programs. He most recently served as SVP, Systems and Security and CISO at Lumio, and he’s also held CISO and lead security roles at Weave and Workfront, Instructure, Adobe, MX, and Amazon Web Services. He is also a closet raver. Like really, actually is.

TL;DR
  1. The landscape of cybersecurity regulations is ever-changing, with new bills and regulations continually emerging which impact businesses of various sizes.
  2. The recent rules released by the SEC regarding the time frame for announcing a breach or incident have significantly impacted organizations. The term "material" is a key aspect of these rules, leading to discussions around what constitutes a material cybersecurity incident.
  3. The role of a CISO is challenging due to the potential for breaches and incidents despite implementing comprehensive security measures. The additional regulations add further complexity to the role.
  4. Transparency and honesty are vital in the event of a breach. Companies that are open about incidents and their impact are viewed more favorably than those that attempt to cover things up.
  5. The concept of 'carrot and stick' in regulation is discussed. There are mixed feelings about this approach, with some preferring collaboration and industry-led standards over punitive measures such as fines. However, there is recognition that both incentives (the carrot) and punitive measures (the stick) can drive companies to improve their cybersecurity measures.
  6. AI is a hot topic in the cybersecurity field, with potential to assist in quickly sorting through data and reducing false positives. However, the implementation of AI also brings its own set of regulations and challenges.

  continue reading

50 odcinków

Artwork
iconUdostępnij
 
Manage episode 421133229 series 3462572
Treść dostarczona przez Adopting Zero Trust. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Adopting Zero Trust lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.

Season 3, Episode 7: Though regulation impacting cybersecurity moves slow, when new laws are introduced it often puts significant strain on companies. Lacework’s Tim Chase and Drata’s Matt HIllary discuss navigating the latest broad-sweeping regulations.

Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here.

The time between a law being proposed and going into effect may feel like a snails pace, but for cybersecurity and GRC professionals, it may feel like the DNA of an organization may need to change. This week we chat with cybersecurity leaders Tim Chase from Laceworks and Matt Hillary of Drata who delve deep into the ever-evolving landscape of cybersecurity regulations. They explore topics such as the challenges of rapid incident reporting, the role of collaboration in the industry, and the emerging onslaught of AI-related laws and proposed bills.

This Week’s Guests

Tim Chase, Lacework’s Global Field CISO

With over 15 years of experience in the cybersecurity industry, Tim is a Global Field CISO at Lacework, a leading cloud security platform. Tim holds CCSK, CISSP, and GCCC certifications and has a deep understanding of product security, DevSecOps, application security, and the current and emerging threats in the cybersecurity landscape.

Matt Hillary, Drata’s CISO

Matt Hillary currently serves as VP, Security and Chief Information Security Officer at Drata. With more than 15 years of security experience, Matt has a track record of building exceptional security programs. He most recently served as SVP, Systems and Security and CISO at Lumio, and he’s also held CISO and lead security roles at Weave and Workfront, Instructure, Adobe, MX, and Amazon Web Services. He is also a closet raver. Like really, actually is.

TL;DR
  1. The landscape of cybersecurity regulations is ever-changing, with new bills and regulations continually emerging which impact businesses of various sizes.
  2. The recent rules released by the SEC regarding the time frame for announcing a breach or incident have significantly impacted organizations. The term "material" is a key aspect of these rules, leading to discussions around what constitutes a material cybersecurity incident.
  3. The role of a CISO is challenging due to the potential for breaches and incidents despite implementing comprehensive security measures. The additional regulations add further complexity to the role.
  4. Transparency and honesty are vital in the event of a breach. Companies that are open about incidents and their impact are viewed more favorably than those that attempt to cover things up.
  5. The concept of 'carrot and stick' in regulation is discussed. There are mixed feelings about this approach, with some preferring collaboration and industry-led standards over punitive measures such as fines. However, there is recognition that both incentives (the carrot) and punitive measures (the stick) can drive companies to improve their cybersecurity measures.
  6. AI is a hot topic in the cybersecurity field, with potential to assist in quickly sorting through data and reducing false positives. However, the implementation of AI also brings its own set of regulations and challenges.

  continue reading

50 odcinków

كل الحلقات

×
 
Loading …

Zapraszamy w Player FM

Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.

 

Skrócona instrukcja obsługi