This podcast focuses on many non-technical aspects of cyber risk, cyber security and information security at the intersection of technology and managing to business expectations. Guests include CIOs, CEOs, and CISOs discussing the many facets of the information security industry, what matters, what needs to change and how to deal with modern-day challenges in this dynamic industry.
#37 – Leveraging Information Sharing To Protect Your Organization, with Bill Nelson
In this episode, guest Bill Nelson, CEO of the Global Resilience Federation (GRF), talks about the GRF’s mission to help organizations in myriad industries share critical security threat information so they can all better defend themselves.
Bill lays out the history of GRF – how it emerged from the work he did at FS-ISAC, where he grew membership from 170 banks to 7,000. Bill led a team that was tasked with helping other industries set up their own security information sharing programs, based on what FS-ISAC was doing, leading to the creation of ISACs and ISAOs for legal, oil & gas, retail, energy, and healthcare.
You’ll also learn how the Uniform Commercial Code, article 4, in its description of “commercially reasonable” security, and who’s financially liable after a breach, drove banks to take security controls like anomaly detection, MFA, and DDoS prevention a lot more seriously.
GRF’s newest security information exchange, K12SIX, aims to protect K-12 schools, which have become the newest targets for ransomware, with attacks ballooning from 10 per year just a few years ago to more than 400 in 2020, and ransoms increasing from $20k to an astonishing $40M.
Bill Nelson, CEO of Global Resilience Federation (GRF)
Chad Boeckmann, Founder/CEO, TrustMAPP
#36 – Sorting out CISOs, Deputy CISOs, BISOs, and vCISOs, with Wil Klusovsky
Join Chad and special co-host Allan Alford for an enlightening conversation with Wil Klusovsky, Global Cybersecurity Strategy, Governance, Risk & Compliance (SGRC) Offering Lead at Avanade. The three of them take on the sometimes confusing realm of...
#35 – Business Resiliency with Gus Thompson
Join Chad and Malcolm as they chat with Gus Thompson, Consulting Managing Director at TruDoss, about business resilience. In this episode, hear about: How one breach of a company he previously worked for led them to learn and develop new principles...
#34 – SaaS Security Made Simple with Ben Johnson
In this episode, guest Ben Johnson, co-founder and CTO of Obsidian Security, discusses how he got into cybersecurity (after seeing the movie "Enemy of the State"), got into US intelligence, got tired of the polygraphs, and ultimately ended up co-founding Carbon Black. It's a fascinating journey!
Today, Ben is focused on continuous security monitoring of SaaS environments, and figuring out how a security team can protect their organization's SaaS accounts that they don't even have access to!
Ben Johnson, Co-Founder and CTO, Obsidian Security
Malcolm Harkins, Chief Security and Trust Officer, Cymatic
Chad Boeckmann, Founder/CEO, TrustMAPP
#33 – IoT Security in the US Federal Government with Drew Spaniel
In this episode, guest Drew Spaniel walks us through the new law passed in late 2020, The IoT Cybersecurity Improvement Act of 2020 (HR 1668), and how it will affect not just US federal government procurement, but IoT device manufacturers, and consumers...
#32 – Do SMBs Need a CISO? – John Prokap, CISO
In this episode, guest John Prokap discusses the cyber security needs of small and mid-sized businesses, and if and when they need to hire a CISO. His discussion with hosts Malcolm and Chad covers: Why SMBs absolutely need a security program; How and when...
Serious topics with serious individuals…please lose the sound effects.
Great resource on information security with thought leaders with great insight from individuals in the industry. Please do lose the sound effects as you are discussing serious topics with serious individuals, I'm certain it delays production for an unnecessary attempt at making it fun/funny.
Great Content Poor Audio
I love the content; it’s extremely useful to me as a Business Information Security Officer. However, the audio quality leaves something to be desired. Keep up the good work though.