39 episodes

This podcast focuses on many non-technical aspects of cyber risk, cyber security and information security at the intersection of technology and managing to business expectations. Guests include CIOs, CEOs, and CISOs discussing the many facets of the information security industry, what matters, what needs to change and how to deal with modern-day challenges in this dynamic industry.

The Business of Security Unknown

    • Technology
    • 4.4 • 9 Ratings

    #37 – Leveraging Information Sharing To Protect Your Organization, with Bill Nelson

    In this episode, guest Bill Nelson, CEO of the Global Resilience Federation (GRF), talks about the GRF’s mission to help organizations in myriad industries share critical security threat information so they can all better defend themselves.
    Bill lays out the history of GRF – how it emerged from the work he did at FS-ISAC, where he grew membership from 170 banks to 7,000. Bill led a team that was tasked with helping other industries set up their own security information sharing programs, based on what FS-ISAC was doing, leading to the creation of ISACs and ISAOs for legal, oil & gas, retail, energy, and healthcare.
    You’ll also learn how Article 4 of the Uniform Commercial Code, with its description of “commercially reasonable” security and of who’s financially liable after a breach, drove banks to take security controls like anomaly detection, MFA, and DDoS prevention a lot more seriously.
    GRF’s newest security information exchange, K12SIX, aims to protect K-12 schools, which have become the newest targets for ransomware, with attacks ballooning from 10 per year just a few years ago to more than 400 in 2020, and ransoms increasing from $20k to an astonishing $40M.

    Guest:
    Bill Nelson, CEO of Global Resilience Federation (GRF)

    Host:
    Chad Boeckmann, Founder/CEO, TrustMAPP

    Sponsor:
    TrustMAPP (https://trustmapp.com)

    • 34 min
    #36 – Sorting out CISOs, Deputy CISOs, BISOs, and vCISOs, with Wil Klusovsky

    Join Chad and special co-host Allan Alford for an enlightening conversation with Wil Klusovsky, Global Cybersecurity Strategy, Governance, Risk & Compliance (SGRC) Offering Lead at Avanade. The three of them take on the sometimes confusing realm of...

    • 35 min
    #35 – Business Resiliency with Gus Thompson

    Join Chad and Malcolm as they chat with Gus Thompson, Consulting Managing Director at TruDoss, about business resilience. In this episode, hear about: How one breach of a company he previously worked for led them to learn and develop new principles...

    • 27 min
    #34 – SaaS Security Made Simple with Ben Johnson

    In this episode, guest Ben Johnson, co-founder and CTO of Obsidian Security, discusses how he got into cybersecurity (after seeing the movie "Enemy of the State"), got into US intelligence, got tired of the polygraphs, and ultimately ended up co-founding Carbon Black. It's a fascinating journey!
    Today, Ben is focused on continuous security monitoring of SaaS environments, and figuring out how a security team can protect their organization's SaaS accounts that they don't even have access to!
    Guest:
    Ben Johnson, Co-Founder and CTO, Obsidian Security  
    Hosts:
    Malcolm Harkins, Chief Security and Trust Officer, Cymatic
    Chad Boeckmann, Founder/CEO, TrustMAPP

    Sponsor:
    TrustMAPP (https://trustmapp.com)

    • 39 min
    #33 – IoT Security in the US Federal Government with Drew Spaniel

    In this episode, guest Drew Spaniel walks us through the new law passed in late 2020, The IoT Cybersecurity Improvement Act of 2020 (HR 1668), and how it will affect not just US federal government procurement, but IoT device manufacturers and consumers as well.

    The Act calls for IoT devices to be secured by manufacturers based on NIST guidance and cybersecurity best practices. From the Congressional Budget Office:

    "Under H.R. 1668, NIST also would publish standards for federal agencies, contractors, and vendors to systematically report and resolve security vulnerabilities for IoT devices. Each agency’s chief information officer would be required to ensure compliance. OMB would establish federal standards for that coordinated reporting process that are consistent with NIST’s standards and guidelines."

    Guest:
    Drew Spaniel, Lead Researcher, ICIT (Institute for Critical Infrastructure Technology)

    Hosts:
    Malcolm Harkins, Chief Security and Trust Officer, Cymatic
    Chad Boeckmann, Founder/CEO, TrustMAPP

    Sponsor:
    TrustMAPP (https://trustmapp.com)

    • 41 min
    #32 – Do SMBs Need a CISO? – John Prokap, CISO

    In this episode, guest John Prokap discusses the cyber security needs of small and mid-sized businesses, and if and when they need to hire a CISO. His discussion with hosts Malcolm and Chad covers:
    • Why SMBs absolutely need a security program
    • How and when to hire a vCISO, and when it's time to hire a full-time CISO
    • How industry associations can help their SMB members
    • The headwinds of change that a CISO will encounter, including "Technical Ego"
    • Why SMBs need to think about "Extinction Events" in their security planning

    Recoil in horror as John, Malcolm, and Chad share stories from their pasts, including: users with one-character passwords, RSA auth tokens zip-tied to forklifts, and how one company had more domain admins than IT staff.
    Guest:
    John Prokap, former CISO at HarperCollins

    Hosts:
    Malcolm Harkins, Chief Security and Trust Officer, Cymatic
    Chad Boeckmann, Founder/CEO, TrustMAPP

    Sponsor:
    TrustMAPP (https://trustmapp.com)

    • 31 min

Customer Reviews

4.4 out of 5
9 Ratings

9 Ratings

Bandido

Serious topics with serious individuals…please lose the sound effects.

Great resource on information security with thought leaders with great insight from individuals in the industry. Please do lose the sound effects as you are discussing serious topics with serious individuals, I'm certain it delays production for an unnecessary attempt at making it fun/funny.

pruittaz

Great Content Poor Audio

I love the content; it’s extremely useful to me as a Business Information Security Officer. However, the audio quality leaves something to be desired. Keep up the good work though.