Secure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and Compliance

Dejan Kosutic

“Secure & Simple” demystifies governance and compliance challenges faced by consultants, as well as professionals acting as fractional CISOs in companies. The podcast is hosted by Dejan Kosutic, an expert in cybersecurity governance, ISO 27001, NIS2, and DORA. The episodes present topics in an easy-to-understand way and provide you with insight you won’t be able to find elsewhere. To provide comments, suggest topics for the next episodes, or express your interest in participating in the show, contact us at podcast@advisera.com. Learn more about ISO 27001, NIS2, and DORA at https://advisera.com.

  1. 3 DAYS AGO

    U.S. vs International and European Cybersecurity Standards | Interview with John Verry

    In this episode, host Dejan Kosutic, CEO of Advisera, welcomes John Verry, Managing Director at CBIZ Pivot Point Security, a consulting company. With over 25 years of experience and more than a thousand clients, John shares his immense expertise in various cybersecurity frameworks, including ISO 27001, CMMC, HIPAA, and HITRUST. The discussion delves into the complexities and opportunities within cybersecurity governance, the nuances of different frameworks (especially ISO 27001 and HITRUST), and the impact of AI and privacy regulations. Whether you're a consultant, CISO, or cybersecurity professional, this episode has valuable insights to help you navigate the ever-evolving landscape of cybersecurity compliance.

    Links from the episode:
    - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
    - White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
    - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
    - Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client's workforce: https://advisera.co/page-Company-Training-Account
    - Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
    - How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course: https://advisera.co/GrowYourConsultancyTraining

    (00:00) - Interview with John Verry
    (00:15) - Meet the Guest: John Verry
    (01:10) - Comparing Cybersecurity Frameworks
    (05:12) - The Impact of AI and Other Frameworks
    (07:46) - HITRUST and Its Market
    (12:00) - HIPAA vs. HITRUST
    (14:45) - ISO 27001 vs. SOC 2 in the US Market
    (17:27) - Working with European Clients
    (24:35) - Navigating Privacy Laws in the US and Europe
    (29:20) - The Role of AI in Consulting
    (40:13) - Resources for Consultants

    42 min
  2. 12 AUG

    Best Practices for Writing Policies and Procedures | Interview with Carlos Cruz

    In this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Carlos Cruz, founder of Metanoia Consulting in Portugal. They discuss essential best practices for creating and managing policies, procedures, plans, and other documents for compliance with ISO standards and cybersecurity regulations. Carlos shares insights on the distinction between procedures and work instructions, the importance of writing clear and concise documents, and the challenges of getting employees to adopt new procedures. They also cover the importance of templates, techniques for ensuring documents reflect current practices, and strategies for addressing resistance to new documents. This episode is a must-listen for consultants, CISOs, and other cybersecurity professionals looking to streamline their documentation process.

    Links from the episode:
    - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
    - White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
    - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
    - Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client's workforce: https://advisera.co/page-Company-Training-Account
    - Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
    - How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course: https://advisera.co/GrowYourConsultancyTraining

    (00:00) - Interview with Carlos Cruz
    (01:55) - Types of Documents: Policies, Procedures, and Work Instructions
    (11:51) - The Importance of Short and Focused Documents
    (21:46) - Structuring Documents for Clarity and Compliance
    (33:34) - Adapting Documents to Client Needs
    (39:31) - The Importance of Templates for Writing Documents
    (43:58) - Deciding What to Document
    (45:50) - The Roles in Document Creation
    (01:15:04) - Common Mistakes in Document Writing
    (01:21:39) - Resources for Consultants

    1 h 23 min
  3. 29 JUL

    The Journey and Insights of a Successful Fractional CISO | Interview with Terry Ziemniak

    In this episode of the Secure and Simple Podcast, we sit down with Terry Ziemniak, an experienced fractional CISO with over a decade in the field. Terry shares his career journey from traditional cybersecurity roles to becoming a trusted fractional CISO. We discuss the key differences between full-time and fractional CISOs, how to balance multiple clients, and the importance of aligning cybersecurity with business goals. Terry also provides valuable insights on the essentials of well-written security policies, the crossover between AI governance and cybersecurity, and tips for aspiring fractional CISOs. Join us for a deep dive into the world of fractional cybersecurity leadership and learn how to navigate and succeed in this growing field.

    Links from the episode:
    - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
    - White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
    - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
    - Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client's workforce: https://advisera.co/page-Company-Training-Account

    (00:00) - Interview with Terry Ziemniak
    (02:28) - The Value of Business Alignment in Cybersecurity
    (11:20) - Understanding the Role of a Fractional CISO
    (18:29) - Educating Stakeholders on Cybersecurity
    (23:13) - Finding Allies in the Organization
    (25:42) - Importance of Well-Written Security Policies
    (29:48) - Market Opportunities for Fractional CISOs
    (31:26) - Challenges and Strategies for Fractional CISOs
    (38:24) - AI Governance and Cybersecurity
    (45:05) - Future of the CISO Role
    (48:34) - Resources for Consultants

    50 min
  4. 15 JUL

    ISO-as-a-Service and AI: Innovation in Consultancy | Interview with Alexander Jaber

    In this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Alexander Jaber, CEO of Compliant Business Solutions GmbH, a consulting company from Germany. They discuss ISO 27001 as a service, an approach that combines consulting, policy writing, software, and certification into a cohesive package. Alexander shares insights on the consulting business, the importance of building client trust, the impact of AI on consultancy, and the future of compliance. Tune in to learn about the challenges and advantages of this service model and how AI could transform the industry.

    Links from the episode:
    - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
    - White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
    - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
    - Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client's workforce: https://advisera.co/page-Company-Training-Account

    (00:00) - Interview with Alexander Jaber
    (05:01) - ISO 27001 as a Service Explained
    (12:57) - Customer Collaboration and Trust
    (19:26) - Importance of Using Software
    (20:39) - Service Relevance for Different Company Sizes
    (22:16) - Pricing Model
    (25:51) - Impact of AI on Compliance
    (29:23) - Future of Consultants in an AI-Driven World
    (34:17) - AI Agents in Compliance
    (39:39) - Resources for Consultants

    41 min
  5. 1 JUL

    Role of EU Cybersecurity Bodies and How to Cooperate With Them | Interview with Brian Honan

    In this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Brian Honan, CEO of BH Consulting, about the evolving landscape of cybersecurity and its governance, particularly in the EU. Brian shares insights on the role of European cybersecurity bodies like ENISA and the importance of cybersecurity in business operations. The discussion covers how to effectively communicate cybersecurity concerns to non-technical stakeholders, tips for building a successful consultancy, and the potential impact of new regulations like NIS2 and DORA on the industry. Learn about the resources and tools available for consultants on the ENISA website and how collaboration with national and EU bodies can enhance cybersecurity efforts.

    Links from the episode:
    - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
    - White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
    - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
    - Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client's workforce: https://advisera.co/page-Company-Training-Account

    (00:00) - Interview with Brian Honan
    (05:21) - European Cybersecurity Organizations and Their Roles
    (12:49) - Consulting and EU Cybersecurity Resources
    (18:11) - Engaging with National and EU Cybersecurity Bodies
    (25:38) - The Role of Cyber Ireland
    (27:54) - Government Grants and Support
    (29:50) - Consultant's Role in Government Policy
    (31:40) - Translating Cybersecurity for Businesses
    (37:15) - Competitive Advantage Through Cybersecurity
    (43:52) - Opportunities in Cybersecurity Regulations
    (51:04) - Resources for Consultants

    52 min
  6. 17 JUN

    Coaching as a Service for Human-Centric Cybersecurity | Interview with Dominic Vogel

    In this episode of the Secure and Simple Podcast, host Dejan Kosutic sits down with Dominic "Dom" Vogel, president of Vogel Cyber Leadership and Coaching. Dom shares his journey from traditional cybersecurity consulting to a more human-focused coaching approach. He emphasizes the importance of building strong, empathetic relationships within tech teams and improving internal branding. Dom also discusses the value of integrating cybersecurity strategies with business goals and how a human-centric methodology can lead to more meaningful and sustainable change in organizations. With insights into his coaching methods and client success stories, this episode provides actionable advice for cybersecurity professionals, IT leaders, and consultants looking to enhance their leadership and coaching skills.

    Links from the episode:
    - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
    - White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
    - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
    - Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client's workforce: https://advisera.co/page-Company-Training-Account

    (00:00) - Interview with Dominic Vogel
    (02:40) - Human-Centric Approach to Cybersecurity Coaching
    (04:25) - Coaching Success Stories
    (14:55) - The Importance of Internal Branding
    (19:46) - Cybersecurity Leadership in Small Organizations
    (24:08) - Aligning Cybersecurity with Business Goals
    (29:33) - Building Sustainable Client Relationships
    (31:26) - Value-Based Pricing in Consulting
    (34:47) - The Importance of Saying No
    (37:20) - Opportunities in Small and Mid-Sized Businesses
    (40:13) - Leveraging Speaking Engagements for Leads
    (43:23) - The Role of AI in Consulting
    (47:31) - Resources for Consultants

    49 min
  7. 3 JUN

    Next-level Consulting: Marketing & AI Governance Opportunities | Interview with Tudor Galos

    In this episode of the Secure and Simple Podcast, we delve into what it takes to become a subject matter expert and thrive as a consultant. Our guest, Tudor Galos, shares his transition from a marketing role at Microsoft to establishing his own AI and GDPR consultancy. We explore the power of providing valuable content, maintaining positive client experiences, and navigating the growing field of AI governance. Packed with insights on marketing strategies, building trust, and dominating your niche, this episode is a must-listen for cybersecurity (and other) consultants.

    Links from the episode:
    - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
    - White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
    - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
    - Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client's workforce: https://advisera.co/page-Company-Training-Account

    (00:00) - Interview with Tudor Galos
    (01:11) - Transition from Corporate to Entrepreneurship
    (03:40) - Offering Free Consultations to Build a Brand
    (07:48) - Focusing on Small and Medium-Sized Clients
    (12:20) - Building Trust and Securing Clients
    (20:45) - The Importance of Specialization
    (24:37) - Expanding into AI Governance
    (35:05) - Pricing Strategies for Consultants
    (37:45) - The Future of Consulting in the AI Era
    (42:23) - Advice for Aspiring Consultants
    (44:42) - Resources for Consultants

    46 min
  8. 20 MAY

    How to Scale Cybersecurity Consultancy | Interview with Bevan Lane

    In this episode of the Secure and Simple Podcast, host Dejan Kosutic speaks with Bevan Lane, CEO of InfoSec Advisory Group. Bevan shares his journey from starting as an independent contractor to building a successful cybersecurity consultancy with offices in South Africa and London, and clients across five continents. Learn about his approach to scaling the business, including hiring passionate young talent, leveraging automation, and adapting to industry changes. Bevan also discusses the importance of balancing work and family life and provides valuable advice for aspiring consultants. Stay tuned for insights on the future of cybersecurity consulting and more.

    Links from the episode:
    - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
    - White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
    - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
    - Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client's workforce: https://advisera.co/page-Company-Training-Account

    (00:00) - Interview with Bevan Lane
    (03:11) - Hiring and Training the Right People
    (06:26) - Mentorship and Structured Training
    (09:34) - Challenges of Retaining Talent
    (10:55) - CEO's Role and Company Growth Strategy
    (14:22) - Impact of AI on Consulting and Auditing
    (17:49) - Finding and Partnering with Clients
    (22:45) - Leveraging LinkedIn for Business Growth
    (27:02) - Challenges in Consultancy
    (30:29) - Balancing Work and Personal Life
    (35:23) - Future of Consulting and Auditing
    (40:27) - Advice for Aspiring Consultants
    (42:54) - Resources for Consultants

    44 min
