CISO Stories Podcast (Audio)

10,500 storefronts. 2.3 million associates worldwide. $572.8 billion in revenue. Today’s cybersecurity landscape is complex, as attacks can deliver disruption in the blink of an eye. The focus of Walmart’s Information Security team is to secure our operating environment in the service of building and maintaining trust with our customers, associates and stakeholders. To perform at the necessary scale, it takes a village of intelligent associates, a reliance on technologies like automation and a vigilant mindset to stay ahead of adversarial threats. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp-126

Joe Sullivan has shown all of us that CISOs are on the front lines when it comes to breaches and their legal aftermath. Unfortunately, most CISOs are not attorneys and may not understand the rules of engagement with law enforcement to the point where they may find themselves in legal jeopardy for ‘doing the right thing’. Join Larry Dietz long time cybersecurity professional, attorney and retired US Army Colonel and Todd Fitzgerald for a lively discussion on how to prepare for the legal ramifications of security incidents. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp-125

CISOs want to enable the business. But sometimes we must stand our ground and explain our position with rationale. So, how do we convince other people to act without telling their baby is ugly? Join us, as we discuss having difficult conversations.   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/   Show Notes: https://securityweekly.com/csp-124 

The CISO who can speak to the financial implications of cyber risk will be able to successfully work amongst the C-suite and in the board room to prioritize and address cyber initiatives. Building a view of the financial implications of those risks based on real data enhances not only the CISO’s decision-making ability but also the CISO’s credibility with stakeholders. Join us as we take a look at how industry and enterprise data sources can be leveraged to build a view of the financial implications of cyber risk to set the stage for making quality decisions.   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/   Show Notes: https://securityweekly.com/csp123 

In April, the SEC is expected to finalize new rules on cybersecurity. The rules will require every publicly traded company to file disclosures with descriptions of their security strategy, governance, and risk management. Companies will need to explain to shareholders how they assess cyber risk, describe their security policies, and demonstrate a significant level of board oversight on cybersecurity issues. The SEC rules are qualitatively different from existing cyber regulatory frameworks, such as HIPAA and PCI DSS, which skew toward enforcing technical controls handled by the IT department. The SEC rules, in contrast, demand that C-suites and boards get more involved and demonstrate a strategic approach to managing cyber risk.   Visit https://securityweekly.com/csp for all the latest episodes!  Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/   Show Notes: https://securityweekly.com/csp122 

All CISO roles are challenging. CISOs of large municipalities face many of the same risks with a unique set of challenges to overcome. Join us for a conversation about the rewarding experience of leading a government cybersecurity program for the nation’s third largest city.   Visit https://securityweekly.com/csp for all the latest episodes!  Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/   Show Notes: https://securityweekly.com/csp121 

Writing a cybersecurity strategy is an essential role of the CISO. How do you avoid the strategy from becoming outdated? Shelfware? Not in line with the business? Join us as Joey articulates his techniques for gaining stakeholder adoption of the strategy.   Visit https://securityweekly.com/csp for all the latest episodes!  Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/   Show Notes: https://securityweekly.com/csp120 

Obtaining our first CISO role is an exciting and challenging experience at the same time. At some point, we will move on to another company. How have you prepared the person who needs to take your role? What knowledge and experience are you sharing with the next in line? Join Dave, as he has some great leadership lessons, approaches and tips for helping the next CISO and the organization.   Visit https://securityweekly.com/csp for all the latest episodes!  Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/    Show Notes: https://securityweekly.com/csp119 

Everyone has a struggle or hurdle they will face. Your outcome is largely determined by your approach. Does this mean you will get OVER every hurdle? No. But sometimes, you can go around it or under it and still reach your final destination.   Show Notes: https://securityweekly.com/csp118 

Ensuring organizations have the proper governance, risk and compliance (GRC) practices is essential to ensuring risks are appropriately mitigated. Join us as we discuss the interconnectedness of risk, the process of GRC , and Michael’s thoughts on how to improve the process.   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/   Show Notes: https://securityweekly.com/csp117