CISO Perspectives (public)

Rick recommends podcasts and books that he found valuable in 2021, and makes the case for why reading books and listening to podcasts makes security professionals better students of the cybersecurity game.For a complete reading list and even more information, check out Rick’s more detailed essay on the topic. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this “Rick the Toolman” episode, Rick interviews Steve Winterfeld, from Akamai, on the current state and future of the Mitre ATT&CK Framework.For a complete reading list and even more information, check out Rick’s more detailed essay on the topic. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this “Rick the Toolman” episode, Rick interviews Jon Oltsik, from the Enterprise Strategy Group, on the current state and future of XDR.For a complete reading list and even more information, check out Rick’s more detailed essay on the topic. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this “Rick the Toolman” episode, Rick breaks down XDR in terms that busy security executives can understand and apply to their first principle security strategy.For a complete reading list and even more information, check out Rick’s more detailed essay on the topic. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of CSO Perspectives, Rick Howard examines the MITRE ATT&CK® framework for the security executive. Rick explains how your infosec team can use it to support your intrusion kill chain strategy. More importantly, Rick describes the framework in terms that busy security executives can understand.For a complete reading list and even more information, check out Rick’s more detailed essay on the topic. Learn more about your ad choices. Visit megaphone.fm/adchoices

The 2016 DNC hack: We can use cyber sand tables to enhance our cybersecurity first principle defenses since the concept, in various forms, have been used by military commanders, coaches, and athletes since the world was young. The show puts the DNC hack on the cyber sand table to see what might have been done differently with host Rick Howard, the CyberWire’s CSO and Chief Analyst.For a complete reading list and even more information, check out Rick’s more detailed essay on the topic. Learn more about your ad choices. Visit megaphone.fm/adchoices

Security compliance is a cybersecurity first principle strategy.Can security compliance add value to your organization as a first principle strategy? Or is it a distraction? In this session, we learn about the value of technology compliance and compliance technologies. Rick digs into the fundamentals of compliance and reviews case studies that reveal the potential material impact to your organization due to a compliance incident. As Rick says, “Compliance is a ticket to ride.” On the Hash Table, Tom Quinn of T. Rowe Price argues for why compliance is both good for business and good for security.Cybersecurity professional development and continued education.You will learn about: privacy and security compliance, compliance support services, the value of investing in compliance, CyberWire’s spreadsheet of cybersecurity laws and standards CyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, and follow CyberWire on social media and join our community of security professionals: LinkedIn, Twitter, Youtube, Facebook, InstagramAdditional first principles resources for your cybersecurity program.For more compliance and cybersecurity first principles resources, check the topic essay. Learn more about your ad choices. Visit megaphone.fm/adchoices

Security compliance is a cybersecurity first principle strategy.Can security compliance add value to your organization as a first principle strategy? Or is it a distraction? In this session, we learn about the value of technology compliance and compliance technologies. Rick digs into the fundamentals of compliance and reviews case studies that reveal the potential material impact to your organization due to a compliance incident. As Rick says, “Compliance is a ticket to ride.”Cybersecurity professional development and continued education.You will learn about: privacy and security compliance, compliance support services, the value of investing in compliance, CyberWire’s spreadsheet of cybersecurity laws and standards CyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, and follow CyberWire on social media and join our community of security professionals: LinkedIn, Twitter, Youtube, Facebook, InstagramAdditional first principles resources for your cybersecurity program.For more compliance and cybersecurity first principles resources, check the topic essay. Learn more about your ad choices. Visit megaphone.fm/adchoices

Adversary playbooks as a cybersecurity first principle strategy.They told us the adversary has an asymmetric advantage; that cyber defense has to be right every time while the offense only has to get it right once. Rick proves that proactive defense and adversary playbooks can flip that dynamic on its head. With the world of cyber defense and threat intelligence upside down, Rick and the Hash Table discuss the history of shifting the offense/defense balance, the three components of a proactive defense, and the evolution of adversary playbooks and the intrusion kill chain.with Rick Howard, the CyberWire’s CSO and Chief Analyst, joined by Ryan Olson, the Palo Alto Networks VP on Threat Intelligence (Unit 42). They discuss the history and next steps for the adversary playbook concept.Cybersecurity professional development and continued education.You will learn about: adversary playbooks and proactive defense, flipping the offense/defense balance, the 3 components of a proactive defense, ISACs and ISAOsCyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, and follow CyberWire on social media and join our community of security professionals: LinkedIn, Twitter, Youtube, Facebook, InstagramAdditional first principles resources for your cybersecurity program.For more adversary playbooks and cybersecurity first principles resources, check the topic essay. Learn more about your ad choices. Visit megaphone.fm/adchoices

Adversary playbooks as a cybersecurity first principle strategy.They told us the adversary has an asymmetric advantage; that cyber defense has to be right every time while the offense only has to get it right once. Rick proves that proactive defense and adversary playbooks can flip that dynamic on its head.Cybersecurity professional development and continued education.You will learn about: adversary playbooks and proactive defense, flipping the offense/defense balance, the 3 components of a proactive defense, ISACs and ISAOsCyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, and follow CyberWire on social media and join our community of security professionals: LinkedIn, Twitter, Youtube, Facebook, InstagramAdditional first principles resources for your cybersecurity program.For more adversary playbooks and cybersecurity first principles resources, check the topic essay. Learn more about your ad choices. Visit megaphone.fm/adchoices