Business Security Weekly (Video‪)‬ Security Weekly Productions

The new SEC Cyber Security Rules require organizations to be ready to report cyber incidents. But what do you actually need to do? Mike Lyborg, Chief Information Security Officer at Swimlane, joins Business Security Weekly to discuss how to prepare. In this interview he'll discuss the key element of your preparation, including:
Quantification Materiality Evidence Disclosure Show Notes: https://securityweekly.com/bsw-347

Since 2016, we been hearing about the impending impact of CMMC. But so far, it's only been words. That looks to be changing. Edward Tourinsky, Founder & Managing Principal at DTS, joins Business Security Weekly to discuss the coming impact of CMMC v3. Edward will cover:
The background of CMMC Standardization of CMMC CMMC v3 changes and implementation timelines Best practices to prepare Segment Resources: https://www.federalregister.gov/documents/2023/12/26/2023-27280/cybersecurity-maturity-model-certification-cmmc-program
https://www.forbes.com/sites/forbesbusinesscouncil/2024/02/13/the-department-of-defenses-cmmc-requirement-and-what-it-means-for-american-businesses/?sh=7ccbc268b7b5
https://consultdts.com/demystifying-the-cmmc-rule-a-breakdown-of-proposed-regulation/
Show Notes: https://securityweekly.com/bsw-347

In the leadership and communications section, Navigating Legal Challenges of Generative AI for the Board, Winds of Warning? SEC Charges Threaten to Disrupt Role of CISO, 6 Common Leadership Styles — and How to Decide Which to Use When, and more!
Show Notes: https://securityweekly.com/bsw-346

Startup founders dream of success, but it's much harder than it looks. As a former founder, I know the challenges of cultivating an idea, establishing product market fit, growing revenue, and finding the right exit. Trust me, it doesn't always end well.
In this interview, we welcome Seth Spergel, Managing Partner at Merlin Ventures, to discuss how to accelerate that journey to lead to a successful outcome. Seth will share Merlin Venture's approach to helping startups tackle the largest markets in the world, including US enterprises and federal. He will also share what success looks like.
Segment Resources:
 https://merlin.vc/advice-for-young-startups-eyeing-federal-what-kind-of-tech-does-the-u-s-government-need/
https://merlin.vc/we-have-liftoff/
https://merlin.vc/portfolio/
 https://merlin.vc/dig-security-talon-cyber-security-acquired-by-palo-alto-networks/
 https://innovationisrael.org.il/en/digital-reports/
Show Notes: https://securityweekly.com/bsw-346

In this discussion, we focus on vendor/tool challenges in infosec, from a security leader's perspective. To quote our guest, Ross, "running a security program is often confused with shopping". You can't buy an effective security program any more than you can buy respect, or a black belt in kung fu (there might be holes in these examples, but you hopefully get the point). In fact, buying too much can often create more problems than it solves, especially if you're struggling to fill your staffing needs.
In part 1 of this 2-part episode, we'll discuss:
- The current state of vendor offerings in cybersecurity
- The difficulties of measuring value and efficacy in a product
- How to avoid building a security program that centers around managing products
- Shelfware
- Minimizing product overhead

In this discussion, we focus on vendor/tool challenges in infosec, from a security leader's perspective. To quote our guest, Ross, "running a security program is often confused with shopping". You can't buy an effective security program any more than you can buy respect, or a black belt in kung fu (there might be holes in these examples, but you hopefully get the point). In fact, buying too much can often create more problems than it solves, especially if you're struggling to fill your staffing needs.
In part 2 of this 2-part episode, we'll discuss:
- The pros and cons of buying from different types of companies
- Who to look to for product recommendations
- Is making a plan to "ditch before you hitch" a good or bad idea?
- What to do when you inherit a mess
Show Notes: https://securityweekly.com/bsw-345