Episoder
-
Jess and Adam discuss cloud security challenges for SMBs, emphasizing strategic planning, compliance with regulations like CMMC, and vendor due diligence. They highlight common pitfalls like the illusion of security and inadequate staffing while offering cost-effective solutions like virtual CISOs. Practical tips help SMBs secure their data, navigate legal concerns, and maximize available resources.
This segment is sponsored by Fortinet Cloud Security. Visit https://cisostoriespodcast.com/fortinet to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-205
-
In this episode, we dive into the critical role of proper configurations in cloud environments and why misconfigurations remain the leading cause of security breaches. From overly permissive access controls to unencrypted data stores and default credentials left unchanged, we explore real-world examples that adversaries exploit. Learn how organizations can mitigate these risks through proactive monitoring, automated tools, and a culture of security-first thinking. Tune in to uncover actionable insights to keep your cloud infrastructure secure.
This segment is sponsored by Fortinet Cloud Security. Visit https://cisostoriespodcast.com/fortinet to learn more about them!
Segment Resources: CoGuard CLI (Select cloud resources can be scanned with a free account): https://portal.coguard.io/auth/realms/coguard/protocol/openid-connect/auth?clientid=client-react-frontend&redirecturi=https%3A%2F%2Fportal.coguard.io%2F&state=7cd7e2ac-aa64-497d-8957-f0b8be3e2f8d&responsemode=fragment&responsetype=code&scope=openid&nonce=86649c48-03f3-44c1-9612-560d42e049d9
More info on the CoGuard CLI on Github: https://github.com/coguardio/
Open AI grant: https://openai.com/index/empowering-defenders-through-our-cybersecurity-grant-program/
Open AI research results on Github: https://github.com/coguardio/coguardopenairuleautogeneration_research
Securing Multi Cloud Environments - Tips from Nadia's co-founder/CTO - blog: https://www.coguard.io/post/securing-multi-cloud-environments
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-204
-
Manglende episoder?
-
Bertrum Carroll dives into the evolution of cloud service adoption, comparing early concerns—like data storage, access, and usage—to current apprehensions about AI. We explore how leadership can empower teams with the right training to harness technology effectively. Learn why understanding the shared responsibilities between providers and customers is critical for cloud security success.
This segment is sponsored by Fortinet Cloud Security. Visit https://cisostoriespodcast.com/fortinet to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-203
-
In this episode, we’re joined by Tammy Klotz, a 3x CISO in the manufacturing industry, to explore identity security challenges in manufacturing environments. Tammy discusses the differences in access management for frontline workers versus knowledge workers, touching on the unique devices and role-based training requirements. Tune in to learn how tailored security solutions are key to managing access across diverse user groups in industrial settings.
This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-202
-
In this episode of CSP, we sit down with Dr. Sean Murphy, the CISO of BECU, one of Seattle’s largest credit unions, to discuss the shifts in identity security brought on by the COVID-19 pandemic. Dr. Murphy highlights how Zero Trust architecture became crucial for verifying internal users, especially as remote work became the norm. He shares insights on the unique challenges of securing a remote workforce in the banking sector and underscores the importance of a robust identity security framework in protecting both members and employees in today’s evolving threat landscape. This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-201
-
Let’s talk about what CISOs look for when hiring identity and access management team members. What training and experience is most attractive for the business and team.
This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-200
-
Guessing the answer is yes. Well, let's talk about some of the simple ways you can avoid account compromises by strengthening your identity security through MFA, least privilege, account reviews, and all the things!
This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-199
-
Let's talk about how important having a customer success manager, or equivalent, to assist you with your tool integration can make the difference between resource fatigue and success. On top of having solid relationships with our tool vendors, long time CISO Jake Lorz, shares with us how important tool interoperability is, proper governance reviews, and looking at your organization's security strategy when planning for current and future tool selection.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-198
-
Let's talk to cybersecurity expert, Lalisha Hurt, about her approach to selecting the right tools for your organization by using proven methods such as referencing the Gartner Magic Quadrant, thinking about the entire IT portfolio as part of your selection process, and what a successful 'Vendor Day' can do!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-197
-
What if there was more to making those impactful decisions that you haven’t considered?
Let’s talk about how being open minded can directly impact the success of tool selection and optimization in your company. Is a SOC report enough or are there other criteria needed to make that risk based decision? Let’s discuss cognitive biases in tool selection with researcher Dr. Dustin about why it benefits your organization to be eyes open.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-196
-
Let’s talk to our favorite Tokyo security leader about how she has experienced tool selection across the world. To be risk adverse or not to be risk adverse. What a question!
Segment Resources: https://www.youtube.com/watch?v=BdFzJxSemKo
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-195
-
Hear from expert TimBall, CISO for NGO-ISAC, on his experiences in the industry and how he advises his members on finding the right tool. Especially when it comes to making sure the tool isn’t a ‘shiny object’ purchase but actually addressing your organizations underlying issues and bringing value! Bonus, let’s talk about election security!
Segment Resources: https://www.ngoisac.org/
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-194
-
Let’s talk about how regardless of your organizations data footprint being in the cloud or on prem, or if you’re a billion dollar organization or smaller, if the adversaries want in, they will find a way. Don’t fall victim because of bad cyber hygiene but instead work your experiences, your leadership, and train your people to limit exposure. Hear from Incident Response expert, Levone Campbell, on the lessons he learned in being proactive and reactive to some of the largest incidents in history.
This segment is sponsored by Semperis. To combat today's cyber attacks, enterprises like yours need a way to see the whole picture beyond silos and secure their entire hybrid AD environment. Now you can — with Semperis. Visit https://cisostoriespodcast.com/semperis
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-193
-
Let’s talk about the vCISO’s approach to Incident Response advisory with clients; particularly small and medium sized businesses (SMB). How can your cyber liability insurance support your organization outside of when an incident occurs? We will discuss strategies SMBs can take to strengthen their IR plans while keeping in mind their business needs and contingency plans.
Segment Resources: https://www.linkedin.com/in/wilklu/
This segment is sponsored by Semperis. To combat today's cyber attacks, enterprises like yours need a way to see the whole picture beyond silos and secure their entire hybrid AD environment. Now you can — with Semperis. Visit https://cisostoriespodcast.com/semperis
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-192
-
Listen to the importance of legal relationships and interaction with the CISO and security program. Jess and Joe talk about the need for legal to understand the security team's day to day and also what incident response means to your organization. Bringing your legal reps into the folds when a breach happens is too late! Work as a team early to make sure all parties are knowledgeable and ready to act without time wasted.
This segment is sponsored by Semperis. To combat today's cyber attacks, enterprises like yours need a way to see the whole picture beyond silos and secure their entire hybrid AD environment. Now you can — with Semperis. Visit https://cisostoriespodcast.com/semperis
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-191
-
Todd Fitzgerald will be moving on from the CISO STORIES podcast after 185+ episodes, which was initiated almost 4 years ago following the publication of the #1 Best-Selling CISO COMPASS book, which has guided 1000’s of emerging, current, experienced, and new CISOs and their teams in their journey to protect our organizations’ and nation’s information assets through a structured, business-oriented roadmap. Over 75 CISO and industry leader contributors to the book had their ‘grey boxes’ come to life in their own voice through this podcast. Since then, many esteemed CISOs have been on the invitation-only podcast to share practical, pragmatic experiences on timely, relevant issues.
We learn from each other, and it is an honor to interview such top-notch CISOs. Join us as Todd shares his view of the evolution of the CISO role and where it is going. Todd will also share some of the memorable moments and messages from producing the podcast.
This segment is sponsored by Semperis. To combat today's cyber attacks, enterprises like yours need a way to see the whole picture beyond silos and secure their entire hybrid AD environment. Now you can — with Semperis. Visit https://cisostoriespodcast.com/semperis
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-190
-
Vulnerabilities are the ‘front doors’ for attackers to infiltrate our systems and a key process organizations must get right into order to protect our systems and information assets. Join us as we discuss vulnerability management, identification of assets, prioritization, threat intelligence, leveraging tools, desired vulnerability product features, business impact and vulnerability measurement timing.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-189
-
Rapid advancement in the sophistication and availability of "deepfake" technology enabled by generative AI - the ability to generate convincing multimedia and interactive representations indistinguishable from the real thing - presents new and growing challenges for CISOs seeking to combat fraud, intrusion, disinformation, and other adverse consequences of social engineering. CISOs will need to maintain enhanced understanding of deepfake technology to craft and manage effective controls - yet some of the most effective controls may be surprisingly low-cost and low-tech. This podcast will examine the state of practice for deepfake generation and distribution and discuss effective countermeasures and controls for common threat typologies.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-188
-
Managing vulnerabilities is a large, complex problem that can't be completely fixed. And still, many cybersecurity organizations continue with a traditional approach that attempts to address all vulnerabilities, spreading staff too thin and increasing exploitation windows. With a small set of vulnerabilities being the cause of most of the breaching, taking a focused approach can have a significant impact on reducing the risk of successful cyber attacks.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-187
-
Join us as we discuss how critically important it is for a CISO to establish, maintain, and frequently leverage in informal network. With almost daily changes in the threat landscape across all industries, it's critical to have informal but trusted resources to rely on for advice, information, and just overall "sounding board" opportunities.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-186
- Vis mere