Secure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and Compliance
Dejan Kosutic
“Secure & Simple” demystifies governance and compliance challenges faced by consultants, as well as professionals acting as fractional CISOs in companies. The podcast is hosted by Dejan Kosutic, an expert in cybersecurity governance, ISO 27001, NIS2, and DORA. The episodes present topics in an easy-to-understand way and provide you with insight you won’t be able to find elsewhere.
To provide comments, suggest topics for the next episodes, or express your interest in participating in the show, contact us at podcast@advisera.com.
Learn more about ISO 27001, NIS2, and DORA at https://advisera.com.
Episodes
Jul 1, 2025 • 52min
Role of EU Cybersecurity Bodies and How to Cooperate With Them | Interview with Brian Honan
In this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Brian Honan, the CEO of BH Consulting, to discuss the evolving landscape of cybersecurity and its governance, particularly in the EU. Brian shares insights on the role of European cybersecurity bodies like ENISA and the importance of cybersecurity in business operations. The discussion covers how to effectively communicate cybersecurity concerns to non-technical stakeholders, tips for building a successful consultancy, and the potential impact of new regulations like NIS2 and DORA on the industry. Learn about the resources and tools available for consultants on the ENISA website and how collaboration with national and EU bodies can enhance cybersecurity efforts.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
(00:00) - Interview with Brian Honan
(05:21) - European Cybersecurity Organizations and Their Roles
(12:49) - Consulting and EU Cybersecurity Resources
(18:11) - Engaging with National and EU Cybersecurity Bodies
(25:38) - The Role of Cyber Ireland
(27:54) - Government Grants and Support
(29:50) - Consultant's Role in Government Policy
(31:40) - Translating Cybersecurity for Businesses
(37:15) - Competitive Advantage Through Cybersecurity
(43:52) - Opportunities in Cybersecurity Regulations
(51:04) - Resources for Consultants

Jun 17, 2025 • 49min
Coaching as a Service for Human-Centric Cybersecurity | Interview with Dominic Vogel
In this episode of the Secure and Simple Podcast, host Dejan Kosutic sits down with Dominic "Dom" Vogel, president of Vogel Cyber Leadership and Coaching. Dom shares his unique journey from traditional cybersecurity consulting to a more human-focused coaching approach. He emphasizes the importance of building strong, empathetic relationships within tech teams and improving internal branding. Dom also discusses the value of integrating cybersecurity strategies with business goals and how a human-centric methodology can lead to more meaningful and sustainable change in organizations. With insights into his coaching methods and client success stories, this episode provides actionable advice for cybersecurity professionals, IT leaders, and consultants looking to enhance their leadership and coaching skills.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
(00:00) - Interview with Dominic Vogel
(02:40) - Human-Centric Approach to Cybersecurity Coaching
(04:25) - Coaching Success Stories
(14:55) - The Importance of Internal Branding
(19:46) - Cybersecurity Leadership in Small Organizations
(24:08) - Aligning Cybersecurity with Business Goals
(29:33) - Building Sustainable Client Relationships
(31:26) - Value-Based Pricing in Consulting
(34:47) - The Importance of Saying No
(37:20) - Opportunities in Small and Mid-Sized Businesses
(40:13) - Leveraging Speaking Engagements for Leads
(43:23) - The Role of AI in Consulting
(47:31) - Resources for Consultants

Jun 3, 2025 • 46min
Next-level Consulting: Marketing & AI Governance Opportunities | Interview with Tudor Galos
In this episode of the Secure and Simple Podcast, we delve into the secrets of becoming a subject matter expert and thriving as a consultant. Our special guest, Tudor Galos, shares his transition from a marketing role at Microsoft to establishing his AI and GDPR consultancy. We explore the power of providing valuable content, maintaining positive client experiences, and navigating the growing field of AI governance. Packed with insights on marketing strategies, building trust, and dominating your niche, this episode is a must-watch for cybersecurity (and other) consultants.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
(00:00) - Interview with Tudor Galos
(01:11) - Transition from Corporate to Entrepreneurship
(03:40) - Offering Free Consultations to Build a Brand
(07:48) - Focusing on Small and Medium-Sized Clients
(12:20) - Building Trust and Securing Clients
(20:45) - The Importance of Specialization
(24:37) - Expanding into AI Governance
(35:05) - Pricing Strategies for Consultants
(37:45) - The Future of Consulting in the AI Era
(42:23) - Advice for Aspiring Consultants
(44:42) - Resources for Consultants

May 20, 2025 • 44min
How to Scale Cybersecurity Consultancy | Interview with Bevan Lane
In this episode of the Secure and Simple Podcast, host Dejan Kosutic speaks with Bevan Lane, CEO of InfoSec Advisory Group. Bevan shares his journey from starting as an independent contractor to building a successful cybersecurity consultancy with offices in South Africa and London, and clients across five continents. Learn about his approach to scaling the business, including hiring passionate young talent, leveraging automation, and adapting to industry changes. Bevan also discusses the importance of balancing work and family life and provides valuable advice for aspiring consultants. Stay tuned for insights on the future of cybersecurity consulting and more.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
(00:00) - Interview with Bevan Lane
(03:11) - Hiring and Training the Right People
(06:26) - Mentorship and Structured Training
(09:34) - Challenges of Retaining Talent
(10:55) - CEO's Role and Company Growth Strategy
(14:22) - Impact of AI on Consulting and Auditing
(17:49) - Finding and Partnering with Clients
(22:45) - Leveraging LinkedIn for Business Growth
(27:02) - Challenges in Consultancy
(30:29) - Balancing Work and Personal Life
(35:23) - Future of Consulting and Auditing
(40:27) - Advice for Aspiring Consultants
(42:54) - Resources for Consultants

May 6, 2025 • 58min
Unlocking Business Value From NIS2: The Consultant’s Role | Interview with Philippe Cornette
In this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Philippe Cornette, an interim CISO and founding partner at DigiSôter consultancy, to discuss the challenges and opportunities in cybersecurity consulting. They delve into the importance of aligning cybersecurity projects with business value, the evolving nature of cybersecurity frameworks like NIS2, and the critical skills consultants need to succeed. Philippe shares his journey from working as an employee for over two decades to becoming a consultant and offers valuable insights into how consultants can make a significant impact in this ever-changing field.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
(00:00) - Interview with Philippe Cornette
(03:33) - The Role of a Chief Troubleshoot Officer
(05:15) - Understanding NIS2 Directive
(09:35) - Aligning Business with Cybersecurity
(13:38) - The Importance of Business Risk Analysis
(15:44) - Challenges in IT and OT Convergence
(17:02) - Consultant's Role in Cybersecurity Projects
(26:41) - Expertise and Change Management in Cybersecurity
(29:22) - Navigating EU Regulations
(33:04) - Consulting Opportunities in Cybersecurity
(36:05) - The Future of Consulting with AI
(41:40) - CISO as a Service Explained
(47:35) - Competing in the Consulting Market
(56:23) - Resources for Consultants

Apr 22, 2025 • 46min
Understanding the EU Electronic Evidence Package | Interview with Cristos Velasco
In this episode of the Secure and Simple Podcast, host Dejan Kosutic welcomes Cristos Velasco, an independent consultant and associate professor specializing in cyber law, cybercrime, cybersecurity, and AI. They discuss the new EU electronic evidence package published in August 2023 and its enforcement in 2026, diving into the regulation, the directive, and their implications for law enforcement and service providers. Cristos shares his journey into consultancy, the significance of electronic evidence and digital forensics, and the challenges presented by rapidly changing technologies and legislation. They also explore the benefits for companies preparing for these new regulations and offer advice for aspiring consultants in the cybersecurity field.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
(00:00) - Interview with Cristos Velasco
(01:05) - Cristos Velasco's Career Journey
(03:10) - Understanding Electronic Evidence
(06:11) - Challenges in Preserving Blockchain Evidence
(09:01) - Upcoming EU Electronic Evidence Package
(11:55) - Preparing for the New EU Package
(18:48) - Digital Forensics vs. Electronic Evidence
(20:57) - Freezing Digital Evidence: Importance and Challenges
(22:35) - Legal Complexities in Data Retention and Preservation
(24:35) - Technical and Organizational Aspects of Evidence Preservation
(31:51) - Chain of Custody in Digital Evidence
(38:40) - Consulting and Training in Cybersecurity
(45:02) - Resources for Consultants

Apr 8, 2025 • 50min
Leveraging Online Courses for Consulting Success | Interview with Richea Perry
In this episode of the Secure and Simple Podcast, host Dejan Kosutic welcomes independent cybersecurity consultant and Cyber JA podcast host, Richea Perry. Richea shares his journey from facing job loss during COVID-19 to becoming a successful consultant by leveraging online courses on platforms like Udemy. He discusses the importance of building a personal brand, creating valuable content, and how networking on LinkedIn and other platforms can lead to consulting opportunities. Richea also provides insights into the use of AI in course creation, effective communication skills, and the future of online education in cybersecurity. Tune in to learn best practices for building a portfolio of online courses and using them to support your consulting practice.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
(00:00) - Interview with Richea Perry
(01:10) - Journey to Becoming a Consultant
(04:15) - Transition from Technical to Consulting
(06:25) - Starting with Udemy Courses
(10:43) - Developing Course Content
(20:18) - Using AI in Course Creation
(23:24) - Recording Courses Efficiently
(26:25) - Editing Tools
(28:13) - Promoting Your Courses
(31:50) - Monetizing and Business Model
(34:40) - Choosing the Right Platform
(36:35) - Future of Online Training and AI
(41:04) - Essential Skills for Consultants
(45:22) - Final Recommendations
(48:28) - Additional Resources for Consultants

Apr 8, 2025 • 43min
Promoting Consulting Business Through Content Marketing | Interview with Punit Bhatia
In this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Punit Bhatia, founder of FIT4Privacy Consulting Company, author of 4 books on GDPR, and host of the FIT4Privacy podcast. Punit shares his journey from working at a bank to becoming a leading consultant in privacy and AI governance. He discusses the importance of content marketing, personal branding, and consistency in building a consultancy business. Punit also provides insights into how creating expert materials, publishing books, speaking at events, and maintaining a presence on platforms like YouTube and LinkedIn have contributed to his success. Tune in to learn best practices for promoting your consultancy and establishing a strong professional network.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
(00:00) - Interview with Punit Bhatia
(01:02) - Starting a Consulting Career: Punit's Journey
(03:47) - The Freedom of Being an Independent Consultant
(04:36) - Building an International Clientele
(07:33) - Visibility and Content Marketing Strategies
(13:02) - Effective Use of Social Media Channels
(18:14) - The Podcast Journey
(23:21) - Leveraging Content for Business
(25:49) - The Role of Books in Brand Building
(27:39) - The Importance of Consistency
(34:53) - Expanding Expertise to AI
(36:45) - Future of AI and Privacy Standards
(39:56) - Final Thoughts and Recommendations
(41:13) - Useful Resources for Consultants

Apr 8, 2025 • 47min
Trends in ISO Standards: Certification Body Perspective | Interview with Tom Wheat
In this insightful episode of the Secure and Simple Podcast, host Dejan Kosutic discusses the evolving landscape of standards with Tom Wheat, UK Country Manager at PJR. They delve into the importance of ISO 27001 as the benchmark for global information security, the internal processes within certification bodies, and the value certification bodies can add beyond just issuing certificates. The discussion also covers the role of consultants, the competitive certification market, the impacts of AI, and key recommendations for consultants preparing clients for certification. Tune in for valuable insights on ensuring continuous improvement, compliance, and the future of cybersecurity certification.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
(00:00) - Interview with Tom Wheat
(02:10) - Tom's Journey: From Consultant to Certification Manager
(05:36) - The Importance of ISO 27001
(07:51) - Trends in Certification and Compliance
(13:52) - Behind the Scenes of Certification Bodies
(22:18) - The Value of Certification Bodies
(24:55) - Auditors and Best Practices
(28:07) - Consultants in the Certification Process
(30:14) - Handling Non-Conformities and Appeals
(32:41) - Competing in the Certification Market
(36:42) - The Future of Certification Bodies
(39:13) - AI and the Future of Compliance
(43:13) - Top Recommendations for Consultants
(45:22) - Conclusion and Resources

Apr 8, 2025 • 52min
How to Combine ISO 27001 and GDPR | Interview with Luigi Viscione
This episode features Luigi Viscione, CEO and Founder of Micsar, a seasoned consultant with a decade of experience in IT security and data protection. Luigi discusses the intersection of privacy and cybersecurity, the challenges and benefits of being a consultant, as well as the importance of integrating multiple security frameworks like GDPR and ISO 27001. Gain insights on how to streamline processes, secure client buy-in, and manage large-scale implementations effectively. Don't miss Luigi's views on the future of AI in consultancy and how it can influence the cybersecurity landscape.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
(00:00) - Interview with Luigi Viscione
(01:27) - Starting a Consulting Business
(03:10) - Combining Cybersecurity and Privacy
(05:16) - Implementing ISO 27001 and GDPR
(07:07) - Integrated Risk Management
(10:47) - Handling Security Incidents
(12:27) - Client Reactions to Integrated Approaches
(16:23) - Gaining Senior Management Support
(28:41) - Balancing Implementation and Maintenance
(33:31) - Managing Multiple Frameworks
(40:28) - Future of AI in Consulting
(47:14) - Consultancy Evolution and Key Takeaways
(50:24) - Conclusion and Resources