24 episodes

The monthly podcast for security professionals, by security professionals. Two self-proclaimed grumpy security professionals talk security risk, how they've managed it in the past, and forward-looking discussions with guests working in information security and risk management.

Caffeinated Risk McCreight & Leece

    • Business
    • 5.0 • 8 Ratings


    Privacy & Toxic Data with Michelle Finneran Dennedy


    A great discussion point that didn't make it to air from the original 2021. Not all data is of equal value to the organization and the viable shelf life is seldom tracked or even discussed.

    This espresso shot takes a humorous look at a serious question about privacy considerations during the development cycle. Check out the original full episode with privacy thought leader Michelle Finneran Dennedy.

    • 6 min
    Classifying and effectively communicating enterprise security risk with Paul Mercer


    Communication isn't effective until the receiver understands the message well enough to take action. That pretty much sums up the challenge facing many risk professionals today, something Paul Mercer resolved, out of necessity, by building risk management software that is proving to be a welcome solution for many notable customers.

    Mr. Mercer is no stranger to the front lines of risk management, starting with the Royal Navy then extensive risk & crisis consulting for international clients. Well-known ESRM practitioners are also recognizing the value of Mercer's approach to digital safety and security risk management.

    • 31 min
    Redefining the risk management business partnership with Rachelle Loyear


    As Rachelle co-authored the original book on Enterprise Security Risk Management, it only made sense to have her be the first Caffeinated Risk guest. Like many guests, there was just too much material for a 30-minute episode. This espresso shot encore digs into that nuanced topic of truly partnering with business stakeholders.

    • 6 min
    Resilience as a Risk Management Strategy


    Anyone with a bit of time in the security industry is well acquainted with Murphy's law, but crisis management specialists are who you call when things suddenly get very real. While common security guidance advocates protection, readying your organization to weather the inevitable failure in prevention measures starts with resilience.

    International crisis management thought leader Alexandra Hoffman and 2022 IFSEC Global Influencer and Meta's head of Global Security Protective Intelligence Tim Wenzel dive deep into what resilience really means at the organizational level.

    Security folks are fond of saying "it's not if but when ...". Listen in to learn more about how to prepare your organization for that eventuality from those who have been there with some of the biggest companies in the world.

    • 32 min
    Infrastructure Resilience and Ethical Considerations


    Recorded two days after the July 2022 nationwide telecom outage, co-hosts Tim and Doug explore the deeper ramifications of losing access to the very services that are so tightly integrated into our lifestyle. While the complete root cause of the Rogers' outage may never be publicly shared, most organizations face similar constraints, leading to a discussion about ethics and our shared commitment to the common good.

    Documents referenced in the show:
    ACM Code of Ethics
    Energy sector asset management

    • 31 min
    GRC Program Development and Implementation with Josh Sokol


    Sooner or later every risk management professional faces the hard reality that comprehensive risk management programs can't be implemented on spreadsheets. A corporate vice president mandate, minus the funding, started Josh Sokol on a journey that turned his initial platform solution into an open-source project that morphed into a commercial venture.

    While meeting the risk management and compliance needs of organizations large and small, the Simple Risk founder remains committed to a practical approach for stewarding cyber security issues and mentoring the next generation of security professionals.

    This episode explores the true GRC platform needs -- not the marketing -- and the cyber security executive's role in enterprise risk management.

    • 31 min

Customer Reviews

5.0 out of 5
8 Ratings


K.7333 ,

Great 1st episode

Enjoyed the first episode. Looking forward to more. Keep them coming.
