
24 episodes

Cybersecurity Risk Dr. Bill Souza
Technology
5.0 • 1 Rating
Cyber risk is a complex topic and part of a larger picture in your organization. Cyber risk is a strategic necessity for any organization to increase cyber resilience. In this podcast, we will have an open conversation on governance, risk, and compliance to move your organization from as-is to the next level. Here we will have discussions on program assessments, control assessments, risk identification, risk register, mitigation plans, and much more.
Risk Assessment - What to Assess
You can take these 3 steps to perform a risk assessment:
1. Identify and document the scope and assets to be assessed. I suggest starting with your critical assets.
2. Identify and collect your assessment data.
   - Vulnerability scan (including applications)
   - Minimum security baseline scan
   - Access management at the OS and application levels
   - Standard exceptions against your scoped systems
   - Security information and event management (SIEM) logging and alerting
3. Analyze and report
The most important part is the analysis, since quantitative data alone may not provide the correct information.
Training: https://www.execcybered.com/iso27001foundationcourse
LinkedIn: https://www.linkedin.com/company/exceccybered/
Twitter: https://twitter.com/DrBillSouza
Instagram: https://www.instagram.com/drbillsouza/
Author: Dr. Bill Souza | Jun 28, 2022

What to Focus First
What to Focus on FIRST
Mission-based cybersecurity
- Systems supporting the mission, vision, and services
- Regulatory systems - PCI, HIPAA, SOX, GDPR
Prioritizing remediation is based on quantifying the three primary financial impacts:
- Business interruption cost
- Data exfiltration cost
- Regulatory cost
Blog: https://www.execcybered.com/blog
Training: https://www.execcybered.com/store
LinkedIn: https://www.linkedin.com/company/exceccybered/
Twitter: https://twitter.com/DrBillSouza
Instagram: https://www.instagram.com/drbillsouza/
Thanks.
Dr. Bill Souza
CEO | Founder
www.execcybered.com

Improving Risk Program - 5 Tips
There are some simple rules that you can start today to ensure improvements to your cyber risk program.
1. Define the problem
2. Define risk
3. Define critical
4. Identify and inventory critical assets or systems
5. Identify risks
These rules apply to small, medium, and large businesses with corresponding difficulty levels.
Thanks.
Dr. Bill Souza
CEO | Founder
E|CE - Executive Cyber Education
https://www.execcybered.com

Tackling Risk Probability and Impact
Today I’ll discuss risk probability and impact and give you some examples to build your own impact and probability table.
- Probability
- Impact
Thanks.
Dr. Bill Souza
CEO/Founder
E|CE - Executive Cyber Education
https://www.execcybered.com

5 Cybersecurity Challenges
Today I’ll touch on the topic of Cyber Risk & Cyber Investment challenges.
- Improving
- Exploits
- Attack paths
- Attacker behavior
- Investment
Thanks.
Dr. Bill Souza
CEO/Founder
E|CE - Executive Cyber Education
https://www.execcybered.com

Lacking Basic Cybersecurity Practices
The show today is based on an article titled, “Global utilities lacking basic cybersecurity practices.” Although the article was focused on utilities, the guidance is applicable to every industry, so I will touch on a few recommendations that could be useful to you as well, regardless of industry.
Links mentioned on the show:
Article: Global utilities lacking basic cybersecurity practices says expert (powerengineeringint.com)
Webinar: https://www.execcybered.com/nist-csf-replay
Thanks.
Dr. Bill Souza
CEO/Founder
E|CE - Executive Cyber Education
https://www.execcybered.com