24 episodes

Cyber risk is a complex topic and part of a larger picture in your organization. Cyber risk is a strategic necessity for any organization to increase cyber resilience. In this podcast, we will have an open conversation on governance, risk, and compliance to move your organization from as-is to the next level. Here we will have discussions on program assessments, control assessments, risk identification, risk register, mitigation plans, and much more.

Cybersecurity Risk Dr. Bill Souza

    • Technology
    • 5.0 • 1 Rating

    Risk Assessment - What to Assess

    Here are 3 steps you can take to perform a risk assessment:
      1. Identify and document the scope and assets to be assessed. I suggest starting with your critical assets.
      2. Identify and collect your assessment data:
          • Vulnerability scan (including applications)
          • Minimum security baseline scan
          • Access management at the OS and application levels
          • Standard exceptions against your scoped systems
          • Security information and event management (SIEM) logging and alerting
      3. Analyze and report
    The most important part is the analysis, since quantitative data alone may not provide the correct information.
    Training: https://www.execcybered.com/iso27001foundationcourse
    Linkedin: https://www.linkedin.com/company/exceccybered/
    Twitter: https://twitter.com/DrBillSouza
    Instagram: https://www.instagram.com/drbillsouza/
    Author: Dr. Bill Souza | Jun 28, 2022 

    • 4 min
    What to Focus First

    What to Focus on FIRST
    Mission-based cybersecurity
      • Systems supporting the mission, vision, and services
      • Regulatory systems - PCI, HIPAA, SOX, GDPR
    Prioritizing remediation is based on quantifying the three primary financial impacts:
      • Business interruption cost
      • Data exfiltration cost
      • Regulatory cost
    Blog: https://www.execcybered.com/blog
    Training: https://www.execcybered.com/store
    Linkedin: https://www.linkedin.com/company/exceccybered/
    Twitter: https://twitter.com/DrBillSouza
    Instagram: https://www.instagram.com/drbillsouza/

    Thanks.
    Dr. Bill Souza
    CEO | Founder
    www.execcybered.com

    • 2 min
    Improving Risk Program - 5 Tips

    There are some simple rules that you can start today to ensure improvements to your cyber risk program.
      • Define the problem
      • Define risk
      • Define critical
      • Identify and inventory critical assets or systems
      • Identify risks
    These rules apply to small, medium, and large businesses with corresponding difficulty levels.

    Thanks.
    Dr. Bill Souza
    CEO | Founder
    E|CE - Executive Cyber Education
    https://www.execcybered.com 

    • 3 min
    Tackling Risk Probability and Impact

    Today I’ll discuss risk probability and impact and give you some examples to build your own impact and probability table.
      • Probability
      • Impact

    Thanks.
    Dr. Bill Souza
    CEO/Founder
    E|CE - Executive Cyber Education
    https://www.execcybered.com 

    • 8 min
    5 Cybersecurity Challenges

    Today I’ll touch on the topic of Cyber Risk & Cyber Investment challenges.
      • Improving
      • Exploits
      • Attack paths
      • Attacker behavior
      • Investment

    Thanks.
    Dr. Bill Souza
    CEO/Founder
    E|CE - Executive Cyber Education
    https://www.execcybered.com 

    • 7 min
    Lacking Basic Cybersecurity Practices

    The show today is based on an article titled, “Global utilities lacking basic cybersecurity practices.” Although the article was focused on utilities, the guidance is applicable to every industry, so I will touch on a few recommendations that could be useful to you as well, regardless of industry.

    Links mentioned on the show:
    Article: Global utilities lacking basic cybersecurity practices says expert (powerengineeringint.com)
    Webinar: https://www.execcybered.com/nist-csf-replay

    Thanks.
    Dr. Bill Souza
    CEO/Founder
    E|CE - Executive Cyber Education
    https://www.execcybered.com 

    • 7 min
