CISO Stories Podcast (Audio)

All disciplines need to be able to demonstrate added value and track the ability to improve upon the current practices. The board, technical management, auditors, and engineers may each need a different view of the security initiatives performed. Join this podcast to how different metrics can be applied to different groups so each can improve their performance over time. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Edward_Marchewka_Article.pdf Marchewka, E. 2019. Security Metrics to Measure Program Effectiveness. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 167. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp14 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Tatu Ylönen, SSH founder and inventor of Secure Shell, discusses the genesis for the protocol and his keen interest in the application of technological solutions to fundamental cybersecurity challenges... Show Notes: https://securityweekly.com/csp13 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Hopefully you won't have to hire a lawyer to defend yourself against a government regulator. What happens when the Federal Trade Commission or other powerful body accuses your company of wrongdoing which you do not feel you were responsible for? Join this podcast and hear how the owner of a small company decided to take on the FTC and how he went about choosing a lawyer. The answers will surprise you and provide some useful tips for choosing a lawyer. Show Notes: https://securityweekly.com/csp12 To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOSTORIES_MichaelJDaugherty_CCExtract.pdf Daugherty, M. 2019. Finding the Right Lawyer to Defend Your Company. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 337. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Never in history has the cyber defender had access to so many technologies and tools to defend our companies. This has created the "Fog of More", making the choices difficult to manage. Join the former 35-year NSA software vulnerability analyst and executive manager, and innovator of community-based controls sharing, as he discusses how the CIS controls can be used effectively to manage our environments. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOSTORIES_TonySager_CCExtract.pdf Sager, T.. 2019. Jumpstarting Controls Prioritization Within a Control Framework. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 246. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp11 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Petri Kuivala, CISO at NXP Semiconductors, recounts his journey from municipal police officer to cybercrimes unit investigator to Chief Information Security Officer during the early days when security was largely an afterthought. Show Notes: https://securityweekly.com/csp10 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

The information and cybersecurity industry have no shortage of regulations and many organizations run down the listing of requirements, load them into an excel spreadsheet to demonstrate compliance. Is compliance the same as security? Join this podcast for an analogy of why compliance is not security and how we can change our organization's orientation to increasing security. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOSTORIES_LeeParrish_CCExtract.pdf Parrish, L. 2019. The Colonoscopy of Cybersecurity. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 15. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp9 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Mauro Israel, CISO at ORPEA Group, discusses his colorful background and how he - like so many others in the security field - came to discover his true calling late in life but was able to apply his wide range of knowledge and experience to the role of CISO in the healthcare field. Show Notes: https://securityweekly.com/csp8 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Information security departments are often challenged to come up with "ROI" or Return on Investment for the information security initiatives. Why should the information security department be any different? Join this podcast and learn why calculating an ROI may not be necessary and how reducing risk has different considerations. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOCOMPASS_PaulHypki.pdf Hypki, P. 2019. Where's the ROI? In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 83. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

The CISO role in some organizations is relatively new. The CISO role has actually evolved over the past 25 years since Citibank named the first CISO. Join this podcast to learn how Steve navigated the early days of security and the changes in the role today. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOSTORIES_SteveKatz_CCExtract.pdf Katz, S. 2019. Interview with the First CISO. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 8. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Bob Bigman, former CISO for the CIA, simplifies the conversation by slaughtering some of the industry's most sacred cows like risk tolerance as a key driver for security programs... Show Notes: https://securityweekly.com/csp5 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/