Caffeinated Risk

Adam McMath, an expert in incident response with a rich background in both cyber and physical security, dives into resilience and risk management. He shares transformative lessons from his firefighting days, emphasizing structured incident response frameworks. Adam advocates for a business-centric approach to cybersecurity, aligning security measures with organizational goals. He also discusses the vital connection between organizational culture and effective security, highlighting the human element in navigating threats and the pivotal role of training.

Radek Havlis, VP at O2 Telefonica, discusses the evolution of ESRM in the telecommunications industry, emphasizing the importance of visionary leadership, risk management philosophy, and security as a business enabler. Topics include navigating regulations, security transformation, cultural integration, and the evolving role of risk advisors within organizations.

Exploring cyber incident response plans mandated by various regulatory frameworks, the podcast delves into recent Canadian cyber incidents, the challenges they pose, and the importance of using ESRM principles to enhance cybersecurity programs. With a focus on building resilience, the discussion emphasizes the need for contingency planning, agility, and effective communication with executives to navigate cybersecurity incidents effectively.

Learn from cyber security expert Steven J Ross about the importance of cyber resilience in the business world. Explore topics such as privacy in data management, AI impact on privacy, data recovery challenges, cyber resilience in healthcare, and building trust with clients through transparent cybersecurity communication.

Brian Allen, co-author of a new book on Cyber Risk Management Program, discusses the SEC mandated requirement for cyber risk management. Topics include the framework of a cyber risk management program, balancing risk-informed decision making, and the significance of understanding the role of security professionals.

John Cusimano, former chairman of the ISA subcommittee, talks about the origins of the OT-specific risk assessment process, managing and perceiving the methodology, and the future of cloud computing. They also discuss the integration of engineering disciplines in cyber risk management, involving subject matter experts in the risk assessment process, and the significance of collaboration and tailoring the process. The chapter on understanding a risk-based approach in OT security programs emphasizes the importance of baseline controls.

Explore the intersection of security and crime with criminologist Martin Gill. Learn about evidence-based security practices, the evolving security industry landscape, and the importance of understanding security from an offender's perspective. Discover the significance of effective security measures, professional training, and collaboration within the security industry.

Former U.S. president George W Bush discusses ESRM, ransomware, and threat intelligence. The podcast explores the evolution of risk management, financial decisions in the face of cyber attacks, and the importance of resilience in cybersecurity.

A discussion with Michael Lashlee covers the benefits of physical and cyber security departments working together, drawing insights from the US Marines and Secret Service. They explore how technology supports specialists in keeping client data safe and address the cyber skills talent shortage. Topics include enterprise resilience, protecting financial transactions, initiatives to address the cybersecurity workforce shortage, and forming adaptive teams for effective security solutions.

Explore Calgary's history as an ICS cyber hub, Terry Freestone's journey in security risk management, and his four-point strategy for risk mitigation. Learn about the mindset shift to cybersecurity, navigating risks in business operations, and balancing time and risk analysis in security management.