CISO Stories Podcast (Audio)

Communication in any organization can be a challenge, especially when working with different levels of government and the various funding mechanisms. Join this podcast to lean how one State CISO navigated the rough waters by focusing on relationships and increased security spending and knowledge of security activities across government levels.   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Mark_Weatherford_Article.pdf Weatherford, M. 2019. Relationships Matter. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 473. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   Show Notes: https://securityweekly.com/csp22 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

As threats to the nation’s security grow, there remains a substantial and increasing shortage of skilled cybersecurity professionals. The federal government and private sector can work together to fill their open positions and attract the next generation of motivated mission-driven cybersecurity leaders. This podcast discusses the Cybersecurity Talent Initiative, a federal/private partnership which provides up to $75,000 in student loan assistance for individuals hired by the private sector companies after developing skills through a two-year program in the federal government.   Show Notes: https://securityweekly.com/csp21 https://securityweekly.com/wp-content/uploads/2021/06/CTI_Spring-2021-Onepager_corporate.pdf https://securityweekly.com/wp-content/uploads/2021/06/nice_framework062017.pdf   This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Ira Winkler, CISO at Skyline Technology Solutions, recounts his amazing journey from wannabe astronaught to NSA intelligence analyst, social engineer, systems hacker and author and some of the crazy things that happened along the way. Ira is considered one of the world’s most influential security professionals and has been named a “Modern Day James Bond” - a title he earned by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the World, investigated cybercrimes against them, and then telling them how to cost effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost-effective security programs and increase security awareness.   Show Notes: https://securityweekly.com/csp20 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

We want to trust our employees and contractors working within our organizations. For the most part, people are doing their jobs with integrity every day. What happens when an employee decides to leave the organization and start their own business – with our Intellectual property or customer lists? Or when an employee downloads material to work at home? Join this podcast to learn how to build an insider risk program to mitigate these threats.   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Dawn_Cappelli_Article.pdf   Cappelli, D. 2019. Mitigate the Risk of Insiders Stealing Company Confidential Information. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 187. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Today most organizations have some of the processing in the cloud. As data moves farther away from the physical control of the organization, this movement provides opportunities of scale, flexibility, and speed. Join this podcast to learn how to use appropriate controls to manage this cloud environment.   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Jim_Reavis_Article.pdf   Reavis, J. 2019. Building a Bridge to the Future with Cloud Controls Matrix. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 243. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald https://cloudsecurityalliance.org/ https://cloudsecurityalliance.org/education/ccak/ https://cloudsecurityalliance.org/research/cloud-controls-matrix/   Show Notes: https://securityweekly.com/csp18 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

We have limited investment dollars and therefore must ensure we are protecting the right assets. The practical side of determining “what” needs to be protected and “how” is a convoluted maze of academics, taxonomies, frameworks, and inconsistent approaches. Here we discuss 5 critical elements to make a difference by developing and effective Critical Asset Protection Program (CAPP).   To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_RolandCloutier_Article.pdf   Cloutier, R. 2019. Critical Cyber Asset Protection Planning—Learning Concepts and Operational Imperatives for Protecting What Needs to be Protected. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs 148-150. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   Show Notes: https://securityweekly.com/csp17 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Will Lin, founding team member at ForgePoint Capital and co-creator of the CISO community Security Tinkerers, discusses his passion for technology and how it led him to a career helping security companies launch, as well as his work supporting CISOs through collaboration and knowledge sharing.   Show Notes: https://securityweekly.com/csp16 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Healthcare security today is much more complex with integrated clinical systems and connected community networks. No longer are the medical records stored with a single provider. Join this podcast to learn how one Healthcare CISO is forging relationships and having the appropriate risk-based discussions at the right levels to address the challenge.    To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Erik_Decker_Article.pdf   Decker, E. 2019. Healthcare Cybersecurity. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 106. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   Show Notes: https://securityweekly.com/csp15 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

All disciplines need to be able to demonstrate added value and track the ability to improve upon the current practices. The board, technical management, auditors, and engineers may each need a different view of the security initiatives performed. Join this podcast to how different metrics can be applied to different groups so each can improve their performance over time. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Edward_Marchewka_Article.pdf Marchewka, E. 2019. Security Metrics to Measure Program Effectiveness. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 167. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald   Show Notes: https://securityweekly.com/csp14 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Tatu Ylönen, SSH founder and inventor of Secure Shell, discusses the genesis for the protocol and his keen interest in the application of technological solutions to fundamental cybersecurity challenges...   Show Notes: https://securityweekly.com/csp13 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/