Эпизоды
-
In this episode, we’re joined by Tammy Klotz, a 3x CISO in the manufacturing industry, to explore identity security challenges in manufacturing environments. Tammy discusses the differences in access management for frontline workers versus knowledge workers, touching on the unique devices and role-based training requirements. Tune in to learn how tailored security solutions are key to managing access across diverse user groups in industrial settings.
This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-202
-
In this episode of CSP, we sit down with Dr. Sean Murphy, the CISO of BECU, one of Seattle’s largest credit unions, to discuss the shifts in identity security brought on by the COVID-19 pandemic. Dr. Murphy highlights how Zero Trust architecture became crucial for verifying internal users, especially as remote work became the norm. He shares insights on the unique challenges of securing a remote workforce in the banking sector and underscores the importance of a robust identity security framework in protecting both members and employees in today’s evolving threat landscape. This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-201
-
Пропущенные эпизоды?
-
Let’s talk about what CISOs look for when hiring identity and access management team members. What training and experience is most attractive for the business and team.
This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-200
-
Guessing the answer is yes. Well, let's talk about some of the simple ways you can avoid account compromises by strengthening your identity security through MFA, least privilege, account reviews, and all the things!
This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-199
-
Let's talk about how important having a customer success manager, or equivalent, to assist you with your tool integration can make the difference between resource fatigue and success. On top of having solid relationships with our tool vendors, long time CISO Jake Lorz, shares with us how important tool interoperability is, proper governance reviews, and looking at your organization's security strategy when planning for current and future tool selection.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-198
-
Let's talk to cybersecurity expert, Lalisha Hurt, about her approach to selecting the right tools for your organization by using proven methods such as referencing the Gartner Magic Quadrant, thinking about the entire IT portfolio as part of your selection process, and what a successful 'Vendor Day' can do!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-197
-
What if there was more to making those impactful decisions that you haven’t considered?
Let’s talk about how being open minded can directly impact the success of tool selection and optimization in your company. Is a SOC report enough or are there other criteria needed to make that risk based decision? Let’s discuss cognitive biases in tool selection with researcher Dr. Dustin about why it benefits your organization to be eyes open.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-196
-
Let’s talk to our favorite Tokyo security leader about how she has experienced tool selection across the world. To be risk adverse or not to be risk adverse. What a question!
Segment Resources: https://www.youtube.com/watch?v=BdFzJxSemKo
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-195
-
Hear from expert TimBall, CISO for NGO-ISAC, on his experiences in the industry and how he advises his members on finding the right tool. Especially when it comes to making sure the tool isn’t a ‘shiny object’ purchase but actually addressing your organizations underlying issues and bringing value! Bonus, let’s talk about election security!
Segment Resources: https://www.ngoisac.org/
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-194
-
Let’s talk about how regardless of your organizations data footprint being in the cloud or on prem, or if you’re a billion dollar organization or smaller, if the adversaries want in, they will find a way. Don’t fall victim because of bad cyber hygiene but instead work your experiences, your leadership, and train your people to limit exposure. Hear from Incident Response expert, Levone Campbell, on the lessons he learned in being proactive and reactive to some of the largest incidents in history.
This segment is sponsored by Semperis. To combat today's cyber attacks, enterprises like yours need a way to see the whole picture beyond silos and secure their entire hybrid AD environment. Now you can — with Semperis. Visit https://cisostoriespodcast.com/semperis
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-193
-
Let’s talk about the vCISO’s approach to Incident Response advisory with clients; particularly small and medium sized businesses (SMB). How can your cyber liability insurance support your organization outside of when an incident occurs? We will discuss strategies SMBs can take to strengthen their IR plans while keeping in mind their business needs and contingency plans.
Segment Resources: https://www.linkedin.com/in/wilklu/
This segment is sponsored by Semperis. To combat today's cyber attacks, enterprises like yours need a way to see the whole picture beyond silos and secure their entire hybrid AD environment. Now you can — with Semperis. Visit https://cisostoriespodcast.com/semperis
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-192
-
Listen to the importance of legal relationships and interaction with the CISO and security program. Jess and Joe talk about the need for legal to understand the security team's day to day and also what incident response means to your organization. Bringing your legal reps into the folds when a breach happens is too late! Work as a team early to make sure all parties are knowledgeable and ready to act without time wasted.
This segment is sponsored by Semperis. To combat today's cyber attacks, enterprises like yours need a way to see the whole picture beyond silos and secure their entire hybrid AD environment. Now you can — with Semperis. Visit https://cisostoriespodcast.com/semperis
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-191
-
Todd Fitzgerald will be moving on from the CISO STORIES podcast after 185+ episodes, which was initiated almost 4 years ago following the publication of the #1 Best-Selling CISO COMPASS book, which has guided 1000’s of emerging, current, experienced, and new CISOs and their teams in their journey to protect our organizations’ and nation’s information assets through a structured, business-oriented roadmap. Over 75 CISO and industry leader contributors to the book had their ‘grey boxes’ come to life in their own voice through this podcast. Since then, many esteemed CISOs have been on the invitation-only podcast to share practical, pragmatic experiences on timely, relevant issues.
We learn from each other, and it is an honor to interview such top-notch CISOs. Join us as Todd shares his view of the evolution of the CISO role and where it is going. Todd will also share some of the memorable moments and messages from producing the podcast.
This segment is sponsored by Semperis. To combat today's cyber attacks, enterprises like yours need a way to see the whole picture beyond silos and secure their entire hybrid AD environment. Now you can — with Semperis. Visit https://cisostoriespodcast.com/semperis
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-190
-
Vulnerabilities are the ‘front doors’ for attackers to infiltrate our systems and a key process organizations must get right into order to protect our systems and information assets. Join us as we discuss vulnerability management, identification of assets, prioritization, threat intelligence, leveraging tools, desired vulnerability product features, business impact and vulnerability measurement timing.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-189
-
Rapid advancement in the sophistication and availability of "deepfake" technology enabled by generative AI - the ability to generate convincing multimedia and interactive representations indistinguishable from the real thing - presents new and growing challenges for CISOs seeking to combat fraud, intrusion, disinformation, and other adverse consequences of social engineering. CISOs will need to maintain enhanced understanding of deepfake technology to craft and manage effective controls - yet some of the most effective controls may be surprisingly low-cost and low-tech. This podcast will examine the state of practice for deepfake generation and distribution and discuss effective countermeasures and controls for common threat typologies.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-188
-
Managing vulnerabilities is a large, complex problem that can't be completely fixed. And still, many cybersecurity organizations continue with a traditional approach that attempts to address all vulnerabilities, spreading staff too thin and increasing exploitation windows. With a small set of vulnerabilities being the cause of most of the breaching, taking a focused approach can have a significant impact on reducing the risk of successful cyber attacks.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-187
-
Join us as we discuss how critically important it is for a CISO to establish, maintain, and frequently leverage in informal network. With almost daily changes in the threat landscape across all industries, it's critical to have informal but trusted resources to rely on for advice, information, and just overall "sounding board" opportunities.
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-186
-
Join us as we discuss the organization’s GRC program and how GRC helps drive the business of information security from internal and external perspectives to integrate security into the culture, while maintaining compliance with regulations imposed for insurance and public companies.
Segment Resources:
Webcast: https://www.scmagazine.com/cybercast/the-regulatory-landscape-in-2030-what-you-need-to-know
Podcast (Enterprise Security Weekly): https://www.scmagazine.com/podcast-segment/11416-the-rise-of-regops-the-need-for-compliance-automation-travis-howerton-esw-313
News/interview: https://www.scmagazine.com/news/generative-ai-not-just-revolutionary-but-evolutionary
This segment is sponsored by RegScale. Visit https://cisostoriespodcast.com/regscale to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-185
-
CISOs need to enhance their strategic influence and operational impact within their organizations. This calls for a departure from traditional, insular security approaches towards a partnership model that aligns security initiatives with business growth and value. By adopting an attitude of listening, humility, and interdisciplinary collaboration, CISOs can transcend fear-based justifications for investment and instead, demonstrate how robust cyber security measures contribute to the overall health and success of the business. Such an evolution in the CISO role is essential for building resilient, forward-looking organizations that view security as a cornerstone of their strategic endeavors.
In the combined context of Resilience and Reputation and Trust, CISOs must orchestrate a delicate balance between robust defensive measures and the cultivation of a strong, trustworthy brand. At this juncture, resilience becomes more than just a technical safeguard; it is about ensuring the continuity and reliability that stakeholders have come to expect. This reliability directly feeds into the organization's reputation, setting the stage for trust to be the cornerstone of all engagements—internal and external. The journey from a reactive security posture to one that is proactive and business-aligned requires that CISOs embed security consciousness into the corporate DNA. As they reach these advanced stages, CISOs transform their roles from protectors to strategic enablers, guiding their organizations through the digital landscape with a clear vision for safeguarding and enhancing both operational fortitude and brand integrity. Security thus becomes an integral part of the value proposition, fostering trust and loyalty among customers, and cementing the organization's reputation as a leader in responsible business practices in the digital age.
Segment Resources:
Webcast: https://www.scmagazine.com/cybercast/the-regulatory-landscape-in-2030-what-you-need-to-know
Podcast (Enterprise Security Weekly): https://www.scmagazine.com/podcast-segment/11416-the-rise-of-regops-the-need-for-compliance-automation-travis-howerton-esw-313
News/interview: https://www.scmagazine.com/news/generative-ai-not-just-revolutionary-but-evolutionary
This segment is sponsored by RegScale. Visit https://cisostoriespodcast.com/regscale to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-184
-
With the vast number of cybersecurity solutions in the marketplace, how do you identify what fits with your company’s strategic goals, then deploy and scale in a reasonable timeframe? Hear a CISO who has built a methodology for assessing and implementing new security technologies and successfully used it at several large global enterprises.
Segment Resources:
Webcast: https://www.scmagazine.com/cybercast/the-regulatory-landscape-in-2030-what-you-need-to-know
Podcast (Enterprise Security Weekly): https://www.scmagazine.com/podcast-segment/11416-the-rise-of-regops-the-need-for-compliance-automation-travis-howerton-esw-313
News/interview: https://www.scmagazine.com/news/generative-ai-not-just-revolutionary-but-evolutionary
This segment is sponsored by RegScale. Visit https://cisostoriespodcast.com/regscale to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Show Notes: https://cisostoriespodcast.com/csp-183
- Показать больше
