In 1995, Craig Newmark started curating a list of San Francisco arts and technology events, which he personally emailed to friends and colleagues. People were soon calling it “Craig’s List.” Most know the rest of the story. But what did that rapid entry into tech entrepreneurship teach him about information security? And how did that lead to a passion for, among other things, cyber philanthropy? SC Media's Jill Aitoro will speak to Newmark about his career, and his own evolution in infosec aware...
Aug 17, 2022•1 hr 13 min
In the leadership and communications section, The Number 1 Growth Killer is Leadership Debt, How to Talk to Your Board & C-Suite About Cybersecurity, 5 ways to unite security and compliance, and more! Zero Trust is the security buzzword of the moment, and while it is a very powerful approach, nearly every enterprise security product on the market – and some that aren’t even security products — are saying they enable Zero Trust. The problem is this: you can’t buy zero trust. It’s an approach,...
Aug 09, 2022•1 hr 8 min
Neal Bridges, CISO at Query.AI and well-known cybersecurity influencer, breaks down the key differences between the CISO role at a startup vs. an enterprise. He also provides best practices to be successful in this changing role. In the leadership and communications section, CISOs: Embrace a common business language to report on cybersecurity, The Strategic Impact of Verizon's 2022 Data Breach Investigations Report, Make Shy Employees Part of Your Cybersecurity Strategy, and more! Visit https://...
Aug 04, 2022•1 hr 2 min
In the Leadership and Communications section, Uber CISO's trial underscores the importance of truth, transparency, and trust, 4 Leadership Strategies to Help Women Advance in the Tech Industry, 5 Best Predictors of Employee Turnover and What Leaders Should Do About Them, and more! Data is the most valuable resource on the planet; but, as businesses collect and store data at an astonishing pace, data sprawl, volume, and diverse storage environments create a security nightmare. With support for hu...
Jul 27, 2022•1 hr 4 min
Boards and CEOs are asking what their cyber risk posture is, and they aren't getting clear answers. Reports produced from assessments oftentimes are built on stale data rather than real-time compliance and risk data. How should C-levels be thinking about cybersecurity posture reporting, and how can they manage cyber risk in real-time as opposed to point-in-time? This segment is sponsored by CyberSaint. Visit https://securityweekly.com/cybersaint to learn more about them! In the leadership and co...
Jul 27, 2022•58 min
In the leadership and communications section, 5 Cybersecurity Questions CFOs Should Ask CISOs, How Leaders Can Escape Their Echo Chambers, 10 Cybersecurity Compliance Statistics That Show Why You Must Up Your Cybersecurity Game, and more! Most current security risk assessments are not effective. Doug Landoll joins BSW to explain how we can fIx this. Doug will share 5 Essential Elements of an Effective Security Risk Assessment, including: - Scoping, Scheduling, and Champions - Team Structure - Da...
Jul 25, 2022•52 min
In the leadership and communications section, How CISOs can prepare for new and unpredictable cyberthreats, 8 Leadership and Management Principles from Ex-Navy Seal, Practice Transparent Leadership, and more! IIoT infrastructure protection requires immediate attention. Barracuda just released key findings from a report titled "The state of industrial security in 2022," that covers the following: • The network breaches, ransomware attacks, and other security incidents businesses are facing • The ...
Jul 20, 2022•1 hr
In the Leadership and Communications segment: How to build a cyber capable board, Who Is Legally Responsible for a Cyber Incident?, Building a security culture of 'Yes', and more! This edition of Security money is a 2 quarter update for both Q1 2022 and Q2 2022. That's what happens when you have a lot of interest and interviews. Although the SW25 Index is down, it's still outperforming the Nasdaq! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https:/...
Jul 16, 2022•1 hr 5 min
There was a time when the perceived wisdom was to buy best of breed security technologies and that would do for your security program. Trouble of is, none of it integrates with each other or your wider IT. With budgets getting tighter, security pros are being asked to look again at big portfolio security providers and work out whether they can use their offerings to slim down. In this session I'll discuss what I'm hearing from our customers, and some of the things we are starting to see people d...
Jul 15, 2022•1 hr 11 min
What does a CISO do all day? Do they eat bon-bons and read the WSJ? Do they read Threatpost or BleepingComputer or Twitter? Why does a company need a CISO, or better still, do they need one? All these questions and more will be answered in this weeks episode. Segment Resources: https://www.cbts.com/security/security-services/ https://www.cbts.com/blog/cloud-security-controls-mitigate-risk/ https://www.cbts.com/blog/weighing-risks-benefits-moving-to-the-cloud-part-1/ https://www.cbts.com/blog/wha...
Jul 11, 2022•56 min
In the Leadership and Communications section, Being concerned is not enough – What boards should know and do about cybersecurity, In the Case of Cybersecurity, the Best Defense is Education, Reskilling workers can help meet the cybersecurity staffing challenge, and more! Defining Cyber Risk With Bryan Ware This year, RSAC is happening amidst the backdrop of major geopolitical tensions with cyber impacts; a continued, lingering pandemic and a potential economic downturn that cyber adversaries can...
Jul 11, 2022•1 hr 3 min
This week, we start off with an interview featuring Mike Ernst, VP of Sales Engineering, Worldwide at ExtraHop! Then, in the Leadership & Communications section: 6 information governance best practices, The Seven Deadly Sins Of Leadership, Secrets to building a healthy CISO-vendor partnership, & more! This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Fol...
May 10, 2022•57 min
In our first segment: Dave Klein, Cybersecurity Evangelist at Cymulate joins Business Security Weekly to discuss the value of "Extended Security Posture Management"! Then In the Leadership and Communications section for this week: SolarWinds breach lawsuits: 6 takeaways for CISOs, Navy Seals’ 5 Leadership Principles That Will Transform Entrepreneurs Into Influential Leaders, More Powerful People Express Less Gratitude, & more! This segment is sponsored by Cymulate. Visit https://securityweek...
May 06, 2022•54 min
This week, Senior Analyst Jess Burn will go highlight Forrester's eight security program recommendations for 2022 that will help security leaders take full advantage of their political capital — and budget — to resolve perennial problems and tackle emerging issues. In the Leadership and Communications section: What cybersecurity metrics should I report to my board?, Cybersecurity litigation risks: 4 top concerns for CISOs, The SEC Is About To Force CISOs Into America’s Boardrooms, and more! Show...
Apr 28, 2022•58 min
This week, Tim Woods, VP Technology Alliances at Firemon, joins BSW to discuss how centralized policy management can provide the visibility, enforcement, and compliance of policies across hybrid cloud environments. In the leadership and communications section, 10 Signs of a Good Security Leader, Toxic Leadership: The Four Horsemen of the Apocalypse, Know Them, 3 Ways to Take Control of Your Cyber Security Career in 2022, and more! With an ever expanding perimeter, how do organizations address th...
Apr 20, 2022•1 hr 5 min
By and large, individual malware strains come and go, but to stop attacks more quickly, organizations need to gain a deeper understanding of attack techniques. By analyzing the attack goals of attackers, organizations can better align their defenses to adapt to quickly changing attack techniques. FortiGuard Labs analyzed the functionality of detected malware by detonating the malware samples collected throughout the year. The result was a list of the individual tactics, techniques, and procedure...
Apr 13, 2022•57 min
As the world shifted to remote work, then hybrid work, organizations have struggled with legacy technologies to solve the security challenges of this new way of working. But what if you could use the PC platform, coupled with endpoint isolation, to create a highly efficient and productive platform for users? Jonathan Gohstand from HP Wolf joins Business Security Weekly to discuss the challenges and how endpoint isolation can: - improve your overall risk management - reduce the complexity of mult...
Apr 07, 2022•59 min
Every CISO CIO asks the question, what's the risk? Quantitative analysis, mathematical models are designed to answer this question. Understand how they work, when to use them, and what they can tell us. In the Leadership and Communications section: Cybersecurity Threat Level is High; Be Pro-Active, Cyber Risk Quantified is Cyber Risk Managed, 5 Ways Managers Sabotage the Hiring Process, and more! Show Notes: https://securityweekly.com/bsw256 Segment Resources: https://www.amazon.com/Ensure-Busin...
Mar 30, 2022•55 min
The most recent trends in social engineering, the latest methods attackers are using to trick their victims, and the best practices to protect your business from these evolving threats. In the Leadership and Communications section: What the Newly Signed US Cyber-Incident Law Means for Security, How to plan for increased security risks resulting from the Great Resignation, The 5 Pillars of Growth, and more! Show Notes: https://securityweekly.com/bsw255 Segment Resources: https://assets.barracuda....
Mar 24, 2022•54 min
It doesn't matter how much security technology you have, how much you spend on security: security outcomes are achieved by doing all the little things right. You can spend $10M on network security technology from any vendor, but you will fail to effectively secure your enterprise if you don't properly manage the policy enforced by those firewalls. That sounds really simple, but simple doesn't scale. If you only have a few firewalls with policies consisting of tens of rules, it may be simple. But...
Mar 17, 2022•58 min
Something is seriously wrong with our current approach to cybersecurity––the more we spend, the worse the situation becomes. In an industry plagued by a chronic talent shortage, one thing is clear: simply throwing another tool in the mix isn’t the path to better security. If we’re going to solve the security paradox, we’re going to need a cross-functional, in-depth analysis of the problem and a structured approach to fixing it. Michael McPherson joins Business Security Weekly to share tactical q...
Mar 09, 2022•59 min
Ransomware developments we saw over the past year—along with a look ahead at what to expect in 2022. In the Leadership and Communications section, Answer this question to assess your leadership, Partner Across Teams to Create a Cybersecurity Culture, The Future of Cyber Insurance, and more! Show Notes: https://securityweekly.com/bsw252 Visit https://securityweekly.com/barracuda to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: h...
Mar 02, 2022•1 hr 3 min
The Business Information Security Officer, or BISO, is relatively new and somewhat controversial role. Does this role act as the CISO's non-technical liaison to the business units or as the CISO's deputy to oversee strategy implementation at a granular level? Is this new role a necessary career path for future CISOs or an entry point into security? The BSW hosts debate! In the Leadership & Communications section for this week: What Is Security?, How to Team Up with IT for Cybersecurity, Exec...
Feb 24, 2022•1 hr 6 min
This week, we welcome John Wheeler, CEO at Wheelhouse Advisors, and Padraic O'Reilly, Chief Product Officer & Co-Founder at CyberSaint, to discuss why it's Time To Move Away From "G - little R - Big C" (GRC)! In the Leadership and Communications section, 5 Leadership Lessons General Marshall can Teach Us, Cybersecurity incident response: The 6 steps to success, 6 Effective Tips to Politely Say No (that actually work!), and more! Show Notes: https://securityweekly.com/bsw250 Visit https://sec...
Feb 16, 2022•59 min
This week, we welcome Ann Marie van den Hurk, Small Business Cybersecurity Champion at Mind The Gap Cyber, to talk about Effective Communications During & After a Cyber Attack! In the Leadership and Communications section, Cybersecurity Policy Creation: Priority One, 5 steps to run a successful cybersecurity champions program, The war for cloud and cybersecurity talent is on! , and more! Show Notes: https://securityweekly.com/bsw249 Visit https://www.securityweekly.com/bsw for all the latest...
Feb 09, 2022•1 hr 4 min
Dan Matthews, Director, Worldwide Sale Engineering from Constella Intelligence, will discuss the challenges with digital risk protection and how to protect your executives, employees, and corporate brand. In the Leadership and Communications section, Cybersecurity increasingly on audit committee agendas, CIO involvement in security grows as CEOs target risk reduction, How Poor Security Culture Leads to Insider Risk, and more! Show Notes: https://securityweekly.com/bsw248 Visit https://securitywe...
Feb 02, 2022•57 min
Enabling the business requires a nuanced view of verticalization and what it means to an enterprise. Why is this important as CISO’s think about how to apply cyber to enterprise resiliency? Mark Fernandes, Global Chief Technology Officer, Security, Risk, and Governance Solutions from MicroFocus, joins us to provide an overview of their Galaxy platform that aligns threats to prioritized risk activities. In the Leadership and Communications section, Mastering Art and Science Is Imperative for CISO...
Jan 26, 2022•1 hr 1 min
The Security Weekly 25 index has finally cooled off, closing at 2226.93 on January 13th, 2022, which is an increase of 122.69% (down from last Q) since inception. The NASDAQ Index closed at 14,806.81 on January 13th, 2022, which is an increase of 123.15% (down from last Q) during the same period. It hit another all-time high of 16,057.44 during the quarter. Then, in the Leadership and Communications segment, Arming CISOs With the Skills to Combat Disinformation, Is the 'Great Resignation' Impact...
Jan 14, 2022•56 min
How cloud resources are architected and utilized is different for every organization, but whether cloud native or cloud traditionalist – security risk and complexity are problems. Concerns over account takeover, overprivileged access and the struggle to keep pace with the dynamism of the cloud are driving demand for a better way to secure access. Hear Colby Dyess, Director of Product at Appgate, discuss how the principles of Zero Trust strengthen and simplify access controls across varying cloud...
Jan 13, 2022•59 min
Throughout her career, Sandy Dunn has continued to mature and refine her skills. In the early days, she describes her job as a "hostage negotiator", constantly negotiating between the business teams and the security team. But as you mature, so does your approach to security. Now, Sandy talks about simplifying "knowledge management" to make it easy to understand security and becoming a "business listener" to make the right decisions. In the leadership and communications section, The Office of the...
Dec 22, 2021•58 min
