CISO Tradecraft®

G Mark Hardy & Ross Young
May 8, 2021 • 44min

#28 - AI and ML and How to Tell When Vendors Are Full of It

Have you ever heard a vendor claim that its software has features such as Artificial Intelligence (AI) or Machine Learning (ML)? What does that actually mean? On this episode we answer those questions so you know when vendors are full of it.

Common reasons to use Artificial Intelligence
Types of Artificial Intelligence
What Machine Learning is
How Machine Learning works
How to select the right algorithm

References:
How to Select Machine Learning Algorithms
ML Algorithm Cheat Sheet
63 Machine Learning Algorithms
May 1, 2021 • 5min

#27 - Roses, Buds, & Thorns

Today, CISO Tradecraft hosts a 5 minute discussion on reflection. The concept is Roses, Buds, and Thorns, an exercise designed to identify opportunities to make positive change.

Roses - What's working
Buds - What are new ideas
Thorns - What do we need to stop

If you would like to learn more, please check out the article from MITRE. We would love to hear your feedback here. Thank you, CISO Tradecraft
Apr 23, 2021 • 45min

#26 - Blockchain for CISOs

On this episode of CISO Tradecraft we dive into the world of blockchain. As a CISO you may be expected to explain to executives what the technology does and possibly how it works. Here's your briefing to make you successful. We'll cover:

History of money and birth of bitcoin
Why blockchain uniquely solves an age-old trust problem
Potential business uses of blockchain technology
Smart contracts and why they work
Blockchain variants such as private and permissioned

https://www.cisotradecraft.com
Apr 16, 2021 • 45min

#25 - Slay the Dragon or Save the Princess?

On this episode, CISO Tradecraft continues the ransomware discussion. Do you slay the dragon (avoid the ransom) or save the princess (recover your files)? Talking points include:

Background on Ransomware
What if we choose to pay a ransom?
Is the ransomware on the sanctions list?
Negotiation/Payments
Involving Law Enforcement
Involving Legal Counsel
Dealing with Cryptocurrencies
Apr 8, 2021 • 46min

#24 - Everything you wanted to know about Ransomware

Would you like to know more about ransomware? On this episode of CISO Tradecraft, G Mark Hardy and Ross Young provide an in-depth discussion on ransomware. Key discussions include:

What is ransomware?
Why does it work?
Ransomware Types (Client-Side, Server-Side, & Hybrid)
How each of these enter a target environment
Ransomware Incidents
The Economics of Ransomware
How is Ransomware Evolving?
Why Ransomware continues to work :(
Ethical Issues to consider before paying
Ransomware Defenses

Please subscribe to the CISO Tradecraft LinkedIn Group to get even more great content.

Link: CISA Ransomware Guide
Apr 2, 2021 • 44min

#23 - NSA’s Top 10 Cybersecurity Mitigation Strategies

If there's one place that knows how Advanced Persistent Threat (APT) actors work, it's the National Security Agency (NSA). On this episode of CISO Tradecraft, G Mark Hardy and Ross Young discuss NSA's Top Ten Cybersecurity Mitigation Strategies and how to use them to secure your company. Since the mitigation strategies are ranked by effectiveness against known APT tactics, they can be used to set the priorities for organizations to minimize mission impact from cyber attacks.

1. Update and Upgrade Software Immediately
2. Defend Privileges and Accounts
3. Enforce Signed Software Execution Policies
4. Exercise a System Recovery Plan
5. Actively Manage Systems & Configurations
6. Continuously Hunt for Network Intrusions
7. Leverage Modern Hardware Security Features
8. Segregate Networks using Application-Aware Defenses
9. Integrate Threat Reputation Services
10. Transition to Multi-Factor Authentication

Link to NSA's material
Mar 26, 2021 • 46min

#22 - Modern Software Development Practices

Would you like to know the best practices in modern software development? On this episode G Mark Hardy and Ross Young overview the 12 Factor App and its best practices:

1. Codebase: One codebase tracked in revision control with many deploys.
2. Dependencies: Explicitly declare and isolate dependencies.
3. Config: Store configuration in the environment.
4. Backing Services: Treat backing services as attached resources.
5. Build, Release, Run: Strictly separate build and run stages.
6. Processes: Execute the app as one or more stateless processes.
7. Port Binding: Export services via port binding.
8. Concurrency: Scale out via the process model.
9. Disposability: Maximize robustness with fast startup and graceful shutdown.
10. Dev/Prod Parity: Keep development, staging, and production as similar as possible.
11. Logs: Treat logs as event streams.
12. Admin Processes: Run admin/management tasks as one-off processes.

This episode of CISO Tradecraft also discusses important software development concepts such as Extreme Programming, Lean Product Development, and User Centered Design methodologies. To learn more about these concepts, please look at the Pivotal Process.
Mar 19, 2021 • 44min

#21 - Your First 90 Days as a CISO (with Mark Egan)

This special episode features Mark Egan (former CIO of Symantec as well as VMware). Mark discusses what he looks for during interviews with CISOs, what executives need to demonstrate during their first 90 days to be successful, and how he helps the next generation of cyber professionals at Merritt College.

Three questions to ask during any interview:
What do you like best about this role?
What are the most challenging pieces of this role?
What does success look like for this role one year into the future?

Five step plan for new CISOs:
1. Start with an assessment of the current "As-Is" IT architecture.
2. Perform a Business Requirements Analysis (what are the strategic objectives, tactical issues, and business environment).
3. Design the future "To-Be" IT architecture (application architecture, organization architecture, network architecture, infrastructure architecture).
4. Gap Analysis = (Future - Present). This is the most important step, as you need to determine a good list of alternatives for management. Talk to consultants and peers in other companies to see how you can come up with a wide range of solutions.
5. Options to Bridge the Gaps = (Cost, Time, & Business Environment). Present management with alternative approaches for transforming the organization. Remember to speak in business terms and specify ways that align with business objectives. In terms of cyber it might be ensuring financially significant applications don't have operational disruption, ensuring revenue and brand protection by securing internet-facing applications, meeting compliance and regulatory concerns, etc.

Links: Merritt College Overview; Volunteer to Help Merritt College; Contact Merritt College; Mark Egan LinkedIn Profile
Mar 12, 2021 • 45min

#20 - Zero Trust

Would you actually like to learn about what Zero Trust is without a bunch of marketing jargon? On this week's episode G Mark Hardy and Ross Young provide a thoughtful discussion on Zero Trust from NIST and Microsoft:

Microsoft's Zero Trust Principles
Verify Explicitly
Use Least Privileged Access
Assume Breach

NIST 800-207 Seven Tenets of Zero Trust
1. All data sources and computing services are considered resources
2. All communication is secured regardless of network location
3. Access to individual enterprise resources is granted on a per-session basis
4. Access to resources is determined by dynamic policy
5. The enterprise monitors and measures the integrity and security posture of all owned and associated assets
6. All resource authentication and authorization are dynamic and strictly enforced before access is allowed
7. The enterprise collects as much information as possible about the current state of assets, network infrastructure, and communication and uses it to improve its security posture

Six Foundational Elements of Zero Trust
Identities
Devices
Applications
Data
Infrastructure
Networks
Mar 5, 2021 • 45min

#19 - Team Building

Every leader needs to know how to lead and manage a team. On this episode G Mark Hardy and Ross Young share tradecraft on team building:

Pitfalls of team building, such as becoming the hero
Organizational Maturity Models (Levels 1-5)
Tuckman Teaming Model (Forming, Storming, Norming, and Performing)
Leadership Styles (Telling, Selling, Participating, & Delegating)
Aligning your team and regaining former employees