

Caffeinated Risk
McCreight & Leece
The monthly podcast for security professionals, by security professionals. Two self-proclaimed grumpy security professionals talk security risk, how they’ve managed it in the past and forward-looking discussions with guests working in information security and risk management.
Episodes

Jan 25, 2024 • 30min
Building a Cyber Risk Management Program with Brian Allen
Brian Allen, co-author of a new book on cyber risk management programs, discusses the SEC-mandated requirement for cyber risk management. Topics include the framework of a cyber risk management program, balancing risk-informed decision making, and the significance of understanding the role of security professionals.

Dec 14, 2023 • 32min
CyberPHA - OT Risk management With John Cusimano
John Cusimano, former chairman of the ISA subcommittee, talks about the origins of the OT-specific risk assessment process, managing and perceiving the methodology, and the future of cloud computing. They also discuss the integration of engineering disciplines in cyber risk management, involving subject matter experts in the risk assessment process, and the significance of collaboration and tailoring the process. The chapter on understanding a risk-based approach in OT security programs emphasizes the importance of baseline controls.

Nov 23, 2023 • 32min
Science, Crime and Workforce Development with Dr. Martin Gill
Explore the intersection of security and crime with criminologist Martin Gill. Learn about evidence-based security practices, the evolving security industry landscape, and the importance of understanding security from an offender's perspective. Discover the significance of effective security measures, professional training, and collaboration within the security industry.

Sep 28, 2023 • 30min
ESRM a Decade In and The Emergent Threat Landscape
Former U.S. president George W Bush discusses ESRM, ransomware, and threat intelligence. The podcast explores the evolution of risk management, financial decisions in the face of cyber attacks, and the importance of resilience in cybersecurity.

Aug 24, 2023 • 36min
Business Enablement using Converged Risk Management with Michael Lashlee
A discussion with Michael Lashlee covers the benefits of physical and cyber security departments working together, drawing insights from the US Marines and Secret Service. They explore how technology supports specialists in keeping client data safe and address the cyber skills talent shortage. Topics include enterprise resilience, protecting financial transactions, initiatives to address the cybersecurity workforce shortage, and forming adaptive teams for effective security solutions.

Jul 27, 2023 • 32min
Interpreting Risk within a Regulatory Context with Terry Freestone
Explore Calgary's history as an ICS cyber hub, Terry Freestone's journey in security risk management, and his four-point strategy for risk mitigation. Learn about the mindset shift to cybersecurity, navigating risks in business operations, and balancing time and risk analysis in security management.

Jun 29, 2023 • 31min
2023 Summer Show
Exploring evolving trends in cybersecurity practices, the importance of trust in risk management advisory, earning executive trust for proactive planning in cloud services, and diversifying skill sets for resilience in security programs.

May 25, 2023 • 31min
ESRM and Data Science with Rachelle Loyear
Rachelle Loyear discusses the fusion of data science and security, emphasizing the incorporation of human behavior in risk assessment. Topics include cyber crime risks, data analysis in security strategies, future of data sharing, automation in risk management, and reflections on ESRM evolution.

Mar 23, 2023 • 8min
Attack Tree Calibration with Terry Ingoldsby
A threat modeling expert discusses integrating expertise into risk assessment, with no AI magic in identifying threats. The episode explores the fusion of metrics and opinions in attack tree modeling, and analyzing cybersecurity architecture using historical attacks for security assessment.

Feb 23, 2023 • 38min
FAIR and ESRM, exploring common ground with Jack Freund
Dr. Jack Freund, risk management thought leader, discusses quantifying risk, breach reports, cultural change in organizations, and prioritizing security efforts. Insightful and humorous, he shares his expertise in risk management with the hosts.


