The Importance of Software Build of Materials

This week Rafeeq Rehman returns to discuss the 2023 updates to the CISO Mindmap. Note you can find his work here: https://rafeeqrehman.com/2023/03/25/ciso-mindmap-2023-what-do-infosec-professionals-really-do/

Thanks to our two sponsors for this episode.

1) Prelude: https://www.preludesecurity.com/

2) Risk3Sixty - Get a free copy of The Five CISO Archetypes eBook from risk3sixty. By reading this eBook, you will discover your strengths, weaknesses, areas where you need support from your team, and the types of organizations you best fit. The eBook also provides the tools to analyze organizations to understand their security priorities better. You will be able to use these tools to identify organizations that would most benefit from your natural strengths as a security leader. Organizations that you will love to work with and that would love to have you as part of their team. The steps outlined in this book will make you a more effective security leader and more satisfied with your career.

https://risk3sixty.com/whitepaper/five-ciso-archetypes-ebook/?utm_source=cisotradecraft&utm_medium=podcast&utm_campaign=2023-ct&utm_term=1week&utm_content=ebook

Transcripts: https://docs.google.com/document/d/1tFhZ6DdzwG12dYXvuVpaZdmfNWBVFswx 

Chapters

• 00:00 Introduction
• 03:36 How to Write a Book
• 05:32 How to Master a Security Tool
• 09:19 Updating the Mind Map for 2023 and 2024
• 13:12 How to Resiliently Respond to Ransomware Attacks
• 16:15 The Importance of Redundancy in Security
• 19:18 How to Manage Your Security Budget Effectively
• 22:43 Building a Brand for a Security Organization
• 26:10 Untangle the Application Web of Components
• 29:38 The Importance of Software Build of Materials
• 33:28 How to Automate Security Operations
• 36:31 The Six Importances of a Security Mind Map
• 38:43 The Future of Generative AI
• 40:47 The Future of CISO Tradecraft