Allison Miller, CISO at Reddit, discusses the challenges across stakeholders from end-users to service providers in addressing the nexus of Security, Privacy and Trust? Should they be equally weighted? In what circumstances does the need for one outweigh the need for the others? What does the future hold for our efforts to find the right balance between them?   Show Notes: https://securityweekly.com/csp41 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

The interviewee created the landmark ‘gold standard’ policy guidance in the book Information Security Policies Made Easy, now in its 13th version, and has extensively researched and helped organizations develop relevant policies. This podcast discusses the 5 key mistakes individuals make in creating and delivering policies to the organization.   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/07/CISOSTORIES_Charles_Cresson_Wood_Article.pdf   Wood, C. 2019. Five Pitfalls to Avoid When Issuing Information Security and Privacy Policies In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 413. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Learn how to prepare and reduce the risk of the next ransomware event. The guest walks through the lessons learned after managing out of a NotPetya ransomware attack. Will you be ready? Don’t miss this podcast for valuable insights from a real-life scenario.   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/07/CISOSTORIES_Todd_Inskeep_Article.pdf   Inskeep, T. 2019. Dealing with Notpetya. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 204. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   Show Notes: https://securityweekly.com/csp39 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

October is Security Awareness Month! Security Awareness programs must grab the employee’s attention if they are to succeed. Join the interviewee as he explains how he successfully engaged the workforce through creative and visible security awareness methods!   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/07/CISOSTORIES_Steven_Lentz_Article.pdf   Lentz, S. 2019. Security Awareness That Works. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 151. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   Show Notes: https://securityweekly.com/csp38 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! https://www.securityweek.com/nist-publishes-cybersecurity-workforce-framework https://www.securityweek.com/professionalizing-cybersecurity-practitioners-0 https://www.securityweek.com/cylance-launches-next-gen-endpoint-security-consumers https://www.securityweek.com/cisos-and-quest-cybersecurity-metrics-fit-business https://www.securityweek.com/whats-real-value-cost-breach-studies   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Kathy Wang, CISO at Very Good Security, discusses challenges in extending detection and response capabilities to cloud deployments while also ensuring correlations across traditional networks, endpoints, mobile, and user identities. She explains how managing multi-cloud deployments impact this approach, and how organizations can ensure they have the visibility required to detect and remediate earlier.   Show Notes: https://securityweekly.com/csp37 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Every organization must be able to respond to an attack quickly. Join this podcast to learn key steps to implement in an incident response plan without breaking the bank. Sam approaches this issue by simplifying incident response into the 3 ‘P’s.   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/07/CISOSTORIES_Sam_Monasteri_Article.pdf Monasteri, S. 2019. Security from Scratch: Incident Response on a Shoestring Budget. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 161. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   Show Notes: https://securityweekly.com/csp36 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

All organizations must have security awareness training programs to teach basics to end users. Similarly, the technical teams need to be exposed to flexible training that is interesting to them. Join this podcast to learn how to bring company groups together and form your own DEFCON-type event in-house or in partnership with other organizations.   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/07/CISOSTORIES_Kevin_Novak_Article.pdf   Novak, K. 2019. Fiscally Responsible Ways to Train/Build Community. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 153. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   Show Notes: https://securityweekly.com/csp35 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Figuring out what to do after a breach is the wrong time to start the planning process. Communications strategies must be in place well beforehand and there are many benefits to the cybersecurity program for implementing these strategies in advance. Join this podcast to understand how teams benefit from relationships with communication and public relation specialists on their teams.   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/07/CISOSTORIES_Melanie_Ensign_Article.pdf   Ensign, M. 2019. Importance of Communications before, during, and after the Breach. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 191. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   Show Notes: https://securityweekly.com/csp34 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Rachel, CEO of SocialProof Security, delves into the inner-workings of social engineering exploits where she leverages her background in neuroscience and behavioral psychology to exploit the unpatchable vulnerability that is human nature.   This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

It seems CISOs are typically lamenting that the security budgets are insufficient. While this can represent a significant problem in achieving information security goals, what happens when you get the funding you asked for and asked to spend it in less time than expected? Join this session for an investment lesson learned you won’t want to miss!   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/07/CISOSTORIES_James_Christiansen_Article.pdf Christiansen, J. 2019. Too Much Security Money? In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 502. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   Show Notes: https://securityweekly.com/csp32 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/