Caffeinated Risk

Exploring cyber incident response plans mandated by various regulatory frameworks, the podcast delves into recent Canadian cyber incidents, the challenges they pose, and the importance of using ESRM principles to enhance cybersecurity programs. With a focus on building resilience, the discussion emphasizes the need for contingency planning, agility, and effective communication with executives to navigate cybersecurity incidents effectively.

Learn from cyber security expert Steven J Ross about the importance of cyber resilience in the business world. Explore topics such as privacy in data management, AI impact on privacy, data recovery challenges, cyber resilience in healthcare, and building trust with clients through transparent cybersecurity communication.

Brian Allen, co-author of a new book on Cyber Risk Management Program, discusses the SEC mandated requirement for cyber risk management. Topics include the framework of a cyber risk management program, balancing risk-informed decision making, and the significance of understanding the role of security professionals.

John Cusimano, former chairman of the ISA subcommittee, talks about the origins of the OT-specific risk assessment process, managing and perceiving the methodology, and the future of cloud computing. They also discuss the integration of engineering disciplines in cyber risk management, involving subject matter experts in the risk assessment process, and the significance of collaboration and tailoring the process. The chapter on understanding a risk-based approach in OT security programs emphasizes the importance of baseline controls.

Explore the intersection of security and crime with criminologist Martin Gill. Learn about evidence-based security practices, the evolving security industry landscape, and the importance of understanding security from an offender's perspective. Discover the significance of effective security measures, professional training, and collaboration within the security industry.

Former U.S. president George W Bush discusses ESRM, ransomware, and threat intelligence. The podcast explores the evolution of risk management, financial decisions in the face of cyber attacks, and the importance of resilience in cybersecurity.

A discussion with Michael Lashlee covers the benefits of physical and cyber security departments working together, drawing insights from the US Marines and Secret Service. They explore how technology supports specialists in keeping client data safe and address the cyber skills talent shortage. Topics include enterprise resilience, protecting financial transactions, initiatives to address the cybersecurity workforce shortage, and forming adaptive teams for effective security solutions.

Explore Calgary's history as an ICS cyber hub, Terry Freestone's journey in security risk management, and his four-point strategy for risk mitigation. Learn about the mindset shift to cybersecurity, navigating risks in business operations, and balancing time and risk analysis in security management.

Exploring evolving trends in cybersecurity practices, the importance of trust in risk management advisory, earning executive trust for proactive planning in cloud services, and diversifying skill sets for resilience in security programs.

Rachelle Loyear discusses the fusion of data science and security, emphasizing the incorporation of human behavior in risk assessment. Topics include cyber crime risks, data analysis in security strategies, future of data sharing, automation in risk management, and reflections on ESRM evolution.