#156 - SMB CISO Challenges (with Kevin O’Connor)

In this episode of CISO Tradecraft, host G Mark Hardy talks to Kevin O'Connor, the Director of Threat Research at Adlumin. They discuss the importance of comprehensive cybersecurity for Small to Medium-sized Businesses (SMBs), including law firms and mid-sized banks. The conversation explores the complexities of managing security infrastructures, the role of managed security service providers, and the usefulness of managed detection and response systems. The discussion also delves into the increasing threat of ransomware and the critical importance of managing data vulnerabilities and providing security awareness training.

Big Thanks to our Sponsor: Adlumin - https://adlumin.com/

Transcripts: https://docs.google.com/document/d/1V_qkMFdGC4NRLCG-80gcsiSA8ikT8SwP

Youtube: https://youtu.be/diCZfWWB3z8

Chapters

• 00:12 Introduction and Sponsor Message
• 01:42 Guest Introduction: Kevin O'Connor
• 02:29 Discussion on Cybersecurity Roles and Challenges
• 03:20 The Importance of Defense in Cybersecurity
• 04:23 The Role of Managed Security Services for SMBs
• 07:26 The Cost and Staffing Challenges of In-House SOCs
• 14:41 The Value of Managed Security Services for Legal Firms
• 16:30 The Threat Landscape for Small and Mid-Sized Banks
• 18:19 The Difference Between Compliance and Security
• 20:08 Understanding the Reality of Cybersecurity
• 20:45 The Challenges of Building IT Infrastructure
• 21:08 Outsourcing vs In-house Security Management
• 21:55 The Importance of Understanding Your Data
• 22:43 Security Operations Center vs Security Operations Platform
• 24:21 The Role of Managed Detection and Response
• 24:54 The Importance of Quick Response in Security
• 28:07 The Threat of Ransomware and Data Breaches
• 34:31 The Role of Pen Testing in Cybersecurity
• 36:33 The Growing Threat of Ransomware
• 38:28 The Importance of Security Awareness Training
• 40:42 The Role of Incident Response and Forensics
• 42:11 Final Thoughts on Cybersecurity