21 episodes

State of Security, by Access Point Consulting, brings together seasoned experts in the fields of security consulting, regulatory compliance, and security operations. Whether you’re a business leader, IT professional, or security enthusiast, this podcast offers valuable insights and actionable advice.

Learn more at accesspointconsulting.com ( https://www.accesspointconsulting.com/?utm_campaign=eg-state-of-security&utm_content=description&utm_medium=podcast&utm_source=podcast ).

State of Security Access Point Consulting

    • Business
    • 5.0 • 1 Rating

    SOS9 - Applications for Cyber Threat Intelligence in SMBs (with Evie Manning & Michael Rush)

    Summary
    In this episode of State of Security, Geoff Hancock discusses cyber threat intelligence with guests Mike Rush and Evie Manning. They define cyber threat intelligence as data that is collected, processed, and analyzed to understand threat actors, their motives, targets, and behaviors. They emphasize the importance of making intelligence actionable and highlight the different levels of threat intelligence, from strategic trends to tactical actions. The guests also discuss the impact of cyber intelligence on supply chain security and how it can be used to proactively protect businesses. They stress the need for collaboration and communication between different cybersecurity disciplines and the importance of relevant and contextual data in cyber intelligence.
    Takeaways
    • Cyber intelligence is data that is collected, processed, and analyzed to understand threat actors, their motives, targets, and behaviors.
    • Making intelligence actionable is key, as it allows organizations to make informed decisions and take proactive measures to resolve issues and prevent future attacks.
    • Cyber threat intelligence encompasses a broad range of information, from strategic trends to tactical actions, and helps organizations identify relevant threats and prioritize their security efforts.
    • Cyber intelligence plays a crucial role in supply chain security, as it helps organizations identify and mitigate risks in their supply chain and protect their customers.
    • Collaboration and communication between different cybersecurity disciplines, such as vulnerability management, incident response, and threat hunting, are essential for effective cyber intelligence.
    • Small and medium businesses can start building their cyber intelligence capabilities by conducting an internal assessment of their assets, risks, and vulnerabilities, and then seeking relevant and contextual data from trusted sources.
    Chapters
    00:00 Introduction to Cyber Intelligence
    04:38 Different Levels of Threat Intelligence
    07:28 Cyber Intelligence in the Context of Small and Medium Businesses
    10:43 The Importance of Supply Chain Security
    26:52 Building Cyber Intelligence Capabilities for Small and Medium Businesses

    • 30 min
    SOS8 - Building a Resilient GRC Program (with Rick Leib & Susan Woyton)

    Summary
    This episode focuses on governance, risk, and compliance (GRC) and how organizations can strengthen their GRC programs.
    Key recommendations include:
    • Ensure executive buy-in and support for GRC initiatives.
    • Review and update policies, procedures, and documentation regularly.
    • Implement continuous monitoring and improvement of GRC processes.
    • Incorporate GRC elements into contracts with third parties.
    • Conduct regular internal and third-party risk assessments.
    • Provide security awareness training to employees.
    • Consider the impact of AI on GRC, but maintain a human element in the process.
    Chapters
    00:00 Introduction
    03:21 The Importance of Resilient GRC
    08:33 Challenges and Failures in GRC
    25:58 Executive Buy-In and Documentation
    30:38 Continuous Monitoring and Improvement
    35:24 Strengthening GRC Programs

    • 36 min
    SOS7 - [LIVE] How to Be Proactive About Operational Resilience and Incident Response (with Rick Leib & Jeff Ulanet)

    Summary
    During HIMSS24 in Orlando, Access Point highlighted the importance of operational resilience and incident response in healthcare. Led by Geoff Hancock, the session addressed the increase in data breaches and the need for proactive cyber resilience. Panelists emphasized the shift to proactive cybersecurity, the role of AI and machine learning, key elements of an incident response plan, and collaboration between teams. Executives were noted for their oversight during breaches, and the evolving role of the C-suite in prioritizing cyber resilience was emphasized. Effective communication to the C-suite and board of directors, along with balancing innovation with privacy and compliance, were also discussed.
    Takeaways
    • Operational resilience and incident response are crucial in the healthcare industry due to the increasing number of data breaches.
    • A proactive approach to cybersecurity is necessary, with a focus on having a plan and being able to withstand and manage through an attack.
    • AI and machine learning play a role in cybersecurity, but there is a need for continuous testing and governance to prevent manipulation of outcomes.
    • Key elements of a healthcare organization's incident response plan include team collaboration, incident classification, detection and analysis tools, recovery and retention strategies, and involvement of executives.
    • Collaboration between the CISO, engineering, and IT teams is crucial for creating a strong security posture.
    • Executives in hospital administration play a role in providing oversight and managing through a breach.
    • The C-suite's understanding and prioritization of cyber resilience are evolving.
    • Budgeting and prioritization are important for implementing effective cybersecurity measures.
    • Effective communication and reporting to the C-suite and board of directors are essential.
    • Balancing the adoption of innovative technologies with patient privacy and regulatory compliance is a challenge.
    Chapters
    00:00 Introduction and the Need for Proactive Cyber Resilience
    06:22 Understanding the Operational Side of Cyber Resilience
    09:10 Key Elements of a Healthcare Organization's Incident Response Plan
    24:27 Collaboration between CISO, Engineering, and IT for Strong Security
    26:54 The Evolving Role of the C-Suite in Understanding Cyber Resilience
    29:51 Budgeting and Prioritization for Effective Cybersecurity
    33:13 Effective Communication and Reporting to the C-Suite and Board
    36:08 Balancing Innovation and Patient Privacy in Healthcare

    • 47 min
    SOS6 - [LIVE] Interviewing Healthcare IT Leaders at HIMSS24 (with Mitchell Powell)

    Summary
    The principal themes in this conversation revolve around the importance of network vulnerability, data security, and the impact of emerging technologies in healthcare cybersecurity. The healthcare IT leaders we interviewed emphasize the need to find a balance between secure platforms and user-friendly environments. They also highlight the challenges of interfacing with external organizations and complying with government regulations. Other key topics include the integration of AI in healthcare, the importance of data protection, and the role of networking and Wi-Fi security. Overall, the conversation emphasizes the critical role of cybersecurity in maintaining patient confidence and protecting sensitive healthcare data.

    Takeaways
    • Network vulnerability is a significant concern in healthcare cybersecurity.
    • Finding a balance between secure platforms and user-friendly environments is crucial.
    • Interfacing with external organizations and complying with government regulations are ongoing challenges.
    • The integration of AI in healthcare requires careful consideration of data protection.
    • Networking and Wi-Fi security play a vital role in maintaining cybersecurity.
    • Data security is essential to maintain patient confidence and protect sensitive healthcare information.
    Chapters
    00:00 Introduction
    06:31 Balancing Security and User-Friendly Environments
    11:31 Challenges of Interfacing with External Organizations
    12:48 The Role of AI in Healthcare and Data Protection
    13:43 Networking and Wi-Fi Security

    • 14 min
    SOS5 - Practical Insights on Incident Response (with Brian Weidner & Chris Skinner)

    Summary
    In this conversation, Geoff Hancock interviews Brian Weidner and Chris Skinner about incident response. They discuss the importance of building strong relationships with the C-suite and legal department, as well as the value of having a trusted incident response company on retainer. They also touch on the challenges of incident response in the critical infrastructure sector and the potential impact of new reporting requirements proposed by DHS. The conversation explores the recently released NIST incident response document and the need for organizations to tailor their incident response plans to their specific needs. The guests emphasize the importance of preparation, communication, and continuous improvement in incident response.

    Takeaways
    • Building strong relationships with the C-suite and legal department is crucial for effective incident response.
    • Having a trusted incident response company on retainer can streamline the response process.
    • New reporting requirements proposed by DHS may add additional burden to organizations already dealing with regulatory reporting.
    • The recently released NIST incident response document provides valuable guidance for organizations, but it should be tailored to each organization's specific needs.
    • Preparation, communication, and continuous improvement are key elements of successful incident response.
    Chapters
    00:00 Introduction and Importance of Relationships
    19:08 New Reporting Requirements and Collaboration with Government Agencies
    32:24 The Value of the NIST Incident Response Document

    • 43 min
    SOS4 - A CISO's Guide to Effective Communication

    Summary
    Geoff Hancock joined Allan Alford on The Cyber Ranch Podcast to discuss effective communication strategies for CISOs. They emphasize the importance of prioritizing clarity in communication, using strategic storytelling, and practicing crisis communication. They also highlight the significance of engaging stakeholders proactively, leveraging data in decision-making, and bolstering leadership presence. Additionally, they discuss the value of emphasizing followership and establishing a feedback loop. The conversation concludes with a discussion on using tools and strategies for effective communication, such as the NIST Cybersecurity Framework and the concept of a management operating system.
    Chapters
    00:00 Introduction
    03:51 Strategic storytelling
    08:25 Crisis communication
    11:42 Engaging stakeholders proactively
    13:37 Leveraging data in decision-making
    16:28 Bolstering leadership presence
    25:34 Establishing a feedback loop
    31:24 Using tools and strategies for effective communication

    • 36 min
