CISO Stories Podcast (Audio)

At the surface, being a CISO in Higher Education is very similar to any industry vertical but the opportunities, challenges, and impacts are significantly more complex. Many consider HE to be behind in security practices. While it is true that HE doesn't buy a lot of security tools, we are on the leading edge of focusing on mitigating security risks at the level the institution truly needs. Also, our community requires support for accessibility, gender-identity, and general identity access management that is far above what most technologies can handle. All this leads to a CISO needing to be creative, flexible, and thoughtful to best lead their programs. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp-129

At the surface, being a CISO in Higher Education is very similar to any industry vertical but the opportunities, challenges, and impacts are significantly more complex. Many consider HE to be behind in security practices. While it is true that HE doesn't buy a lot of security tools, we are on the leading edge of focusing on mitigating security risks at the level the institution truly needs. Also, our community requires support for accessibility, gender-identity, and general identity access management that is far above what most technologies can handle. All this leads to a CISO needing to be creative, flexible, and thoughtful to best lead their programs. Show Notes: https://securityweekly.com/csp-129

Navigate the complexities of building high performing teams in security, risk management, and business resilience uncovering the strategy, frameworks and tactics. Join us as we explore the nuances of collaboration, strategy formulation, and innovative thinking that empower these teams to excel in challenging business and risk management environments. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Show Notes: https://securityweekly.com/csp-128

In today's hyper connected world how do you create a global cyber program that can deliver locally. You start by creating a culture - a culture rooted to delivering high impact with low ego. Culture eats strategy for breakfast ... Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Show Notes: https://securityweekly.com/csp-127

10,500 storefronts. 2.3 million associates worldwide. $572.8 billion in revenue. Today's cybersecurity landscape is complex, as attacks can deliver disruption in the blink of an eye. The focus of Walmart's Information Security team is to secure our operating environment in the service of building and maintaining trust with our customers, associates and stakeholders. To perform at the necessary scale, it takes a village of intelligent associates, a reliance on technologies like automation and a vigilant mindset to stay ahead of adversarial threats. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp-126

Joe Sullivan has shown all of us that CISOs are on the front lines when it comes to breaches and their legal aftermath. Unfortunately, most CISOs are not attorneys and may not understand the rules of engagement with law enforcement to the point where they may find themselves in legal jeopardy for 'doing the right thing'. Join Larry Dietz long time cybersecurity professional, attorney and retired US Army Colonel and Todd Fitzgerald for a lively discussion on how to prepare for the legal ramifications of security incidents. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp-125

CISOs want to enable the business. But sometimes we must stand our ground and explain our position with rationale. So, how do we convince other people to act without telling their baby is ugly? Join us, as we discuss having difficult conversations. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp-124

The CISO who can speak to the financial implications of cyber risk will be able to successfully work amongst the C-suite and in the board room to prioritize and address cyber initiatives. Building a view of the financial implications of those risks based on real data enhances not only the CISO's decision-making ability but also the CISO's credibility with stakeholders. Join us as we take a look at how industry and enterprise data sources can be leveraged to build a view of the financial implications of cyber risk to set the stage for making quality decisions. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp123

In April, the SEC is expected to finalize new rules on cybersecurity. The rules will require every publicly traded company to file disclosures with descriptions of their security strategy, governance, and risk management. Companies will need to explain to shareholders how they assess cyber risk, describe their security policies, and demonstrate a significant level of board oversight on cybersecurity issues. The SEC rules are qualitatively different from existing cyber regulatory frameworks, such as HIPAA and PCI DSS, which skew toward enforcing technical controls handled by the IT department. The SEC rules, in contrast, demand that C-suites and boards get more involved and demonstrate a strategic approach to managing cyber risk. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp122

All CISO roles are challenging. CISOs of large municipalities face many of the same risks with a unique set of challenges to overcome. Join us for a conversation about the rewarding experience of leading a government cybersecurity program for the nation's third largest city. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp121