CISO Public
 
The New CISO is hosted by Exabeam Chief Security Strategist, Steve Moore. A former IT security leader himself, Steve sits down with Chief Information Security Officers to get their take on cybersecurity trends, what it takes to lead security teams and how things are changing in today’s world.
 
Welcome to CISO Tradecraft. A podcast designed to take you through the adventure of becoming a CISO. This podcast was started because G Mark Hardy and Ross Young felt impressed to help others take their Information Security Skills to an executive level. We are thrilled to be your guides to lead you through the various domains of becoming a competent and effective CISO.
 
“CISO's Secrets” promises clear talk on cybersecurity’s burning topics, but not only; A series of 40 minutes weekly podcast hosting Telco industry CIOs and CISO’s, from global and leading companies. Podcast will share true stories, reveal real-life scenarios, and more. The host will lead discussions about Security trends, best practices, cloud, networks, data, employees, habits, and secrets while drifting between personal and professional life. Earn your CISO's Secrets membership badge at ht ...
 
 
Would you like to know more about Ransomware? On this episode of CISO Tradecraft, G Mark Hardy and Ross Young provide an in-depth discussion on Ransomware. Key discussions include: What is ransomware? Why does it work? Ransomware Types (Client-Side, Server-Side, & Hybrid) How each of these enter a target environment Ransomware Incidents The Economi…
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/we-recommend-a-know-the-right-people-certification/ There are so many fantastic certifications out there for security professionals. But we've found the one certification that will really help you land the right job really quickly, is to provide proof that you …
 
This week's episode acts as a follow-up to provide answers to your burning questions following the interview of our special guest, Gordon Rudd of Stone Creek Coaching, who trains and coaches aspiring and current CISOs. But how do you know if you want to be a CISO? Heck, what is a CISO? It's in the name, right? How do we know exactly what a Chief …
 
In this episode of The New CISO, Matt King comes on to focus on the leadership side of cyber security. Matt talks about how lifelong learners make for great leaders, and how he learned to not make assumptions about his team members when managing them. Background Matt King is currently the VP of Global IT Security, CISO at Belcan. He has been with t…
 
If there's one place that knows how Advanced Persistent Threat (APT) actors work, it's the National Security Agency (NSA). On this episode of CISO Tradecraft G Mark Hardy and Ross Young discuss NSA's Top Ten Cybersecurity Mitigation Strategies and how to use them to secure your company. Since the mitigation strategies are ranked by effectiveness ag…
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/my-backup-plan-is-hoping-my-cloud-provider-has-a-backup-plan/ I think maybe I should check to see if we paid for cloud backup protection. Or maybe, we're doing it. Who knows? This episode is hosted by me, David Spark (@dspark), producer of CISO Series, and Mike…
 
Gordon Rudd joins us for this week's episode of the podcast. Gordon Rudd is a former CISO, executive coach, author, keynote speaker, and teacher with Stone Creek Coaching. Gordon founded the CISO Mentoring Project in 2012 and is an engaged mentor to many aspiring and active CISOs around the world. He founded Stone Creek Coaching in 2019 to help cre…
 
Would you like to know the best practices in modern software development? On this episode G Mark Hardy and Ross Young overview the 12 Factor App and its best practices: Codebase: One codebase tracked in revision control with many deploys. Dependencies: Explicitly declare and isolate dependencies. Config: Store configurations in the environment. Bac…
 
In this week’s episode of CISO’s Secrets, CISO and host James Azar is joined by Joe Davis, the Chief Security Advisor for Health and Life Sciences at Microsoft, to discuss the Security of Medical Devices and healthcare conundrums. Joe shares the latest about how the healthcare industry views cybersecurity and its challenges and what is taking p…
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/patches-yes-we-need-stinkin-patches/ There was a time we could trust a patch, but now our adversaries are actually looking at the patches to find even more vulnerabilities. And we keep patching those as well. Our patches' patches need patches. When does it stop…
 
In this episode of CISO Dojo, Stacy outlines how she broke through into the field of Information Technology, and, subsequently, Cyber Security. How does one connect the dots from being a Retail Store Manager with an Associate's in Fine Arts to becoming an aspiring Security Engineer with one of the world's largest security companies? Stained shirts …
 
This special episode features Mark Egan (Former CIO of Symantec as well as VMWare). Mark discusses what he looks for during interviews with CISOs, what executives need to demonstrate during their first 90 days to be successful, and how he helps the next generation of cyber professionals at Merritt College. Three Questions to ask during any intervie…
 
On this episode of the New CISO, Dr. Rebecca Wynn joins us to discuss the logistics of being a CISO both on a team and personal level. The episode focuses on what type of person is the right fit to become a CISO and how to properly manage the well-being of your team once you land that role, especially now that CISOs are managing their teams in a vi…
 
Michael Kagan, CTO at NVIDIA joins CISO’s Secret host & CISO James Azar to talk about the future. Michael shares the concept of The Data Center is the New Computer, the two discuss the meaning of that from a business, technology, scalability and of course cybersecurity & compliance perspective. Michael shares a wealth of knowledge on how this conce…
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/i-think-possibly-maybe-weve-solved-diversity-in-cybersecurity/ We're tired of hearing "we're trying" when it comes to the subject of how companies are trying to inject diversity into their organizations. It's a lopsided game and diverse candidates have to make …
 
This episode starts a new series about non traditional paths to information security. This series will post every Monday when we don't have a guest on the show. In this series we will look at ways to get into information security and how to progress in your career. This pilot starts out with my own path in information security from auto technician,…
 
Would you actually like to learn about what Zero Trust is without a bunch of marketing jargon? On this week's episode G Mark Hardy and Ross Young provide a thoughtful discussion on Zero Trust from NIST and Microsoft: Microsoft's Zero Trust Principles Verify Explicitly Use Least Privileged Access Assume Breach NIST 800-207 Seven Tenets of Zero Trust…
 
Dr. Anton Chuvakin, Security Solution Strategist at Google Cloud joins the show to talk about security by design, building and securing the cloud and highlights the challenge is how do we determine who is responsible for what in the cloud. James Azar, CISO and host and Dr. Chuvakin also discuss the challenges of the supply chain and that many small…
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/unnecessary-research-reveals-cisos-hate-cold-calls/ In a study we never actually conducted, our fellow security leaders said unequivocally that there never has been a time they welcome a phone call from someone they don't know trying to book a demo to see a pro…
 
Risk Assessments, Frameworks, and Approaches Risk Assessments are the topic for this episode of the CISO Dojo Podcast. What is a risk assessment: The identification, evaluation, and estimation of the levels of risks involved in a situation, with comparisons against benchmarks or standards, and determination of an acceptable level of risk. There are…
 
Every leader needs to know how to lead and manage a team. On this episode G Mark Hardy and Ross Young share tradecraft on team building. Pitfalls to team building with becoming a hero Organizational Maturity Models (Levels 1-5) Tuckman Teaming Model (Forming, Storming, Norming, and Performing) Leadership Styles (Telling, Selling, Participating, & D…
 
Rinki Sethi joins us for the second time on the show, and this time she is with a new company. Just a few months ago, Rinki became the CISO at Twitter. In this episode, we talk about what made Rinki want to take the jump to a new company and how you can adjust to working for a new company when you’re completely remote. Background Rinki joined Twitte…
 
The latest from CISOs Secrets hosted by James Azar as Jonathan Hunt, CISO at GitLab joins the show to discuss and share how to turn devops to devsecops, Jonathan also shares how he developed security programs from start-ups to enterprise and so much more. Host & CISO James Azar and Jonathan share the challenge of open source and provide several exa…
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/one-day-youll-grow-up-to-know-less-than-you-do-now We know so little when we're born. We're just absorbing information. But then we get older, and get the responsibility to secure the computing environment of a large company, we actually see that knowledge we a…
 
Having the ability to inspire confidence is crucial to lead others and allows you the opportunity to gain access to executive roles. On this episode G Mark Hardy and Ross Young discuss executive presence: What is it Why you need it How to get it We will discuss Gerry Valentine's 7 Key Steps to building Your executive presence: Have a vision, and ar…
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/would-you-look-at-that-unrealistic-licensing-deal/ CISOs know that salespeople want to make the best licensing deal they can possibly get. But unpredictability in the world of cybersecurity makes one-year licensing deals tough, and three-year licensing deals im…
 
If you use email, this episode is for you. Attackers leverage email for ransomware, Business Email Compromise (BEC), account takeover, and other threats that can be reduced with effective technical controls (as well as user education.) These three tools all involve placing simple entries in your DNS records. To work effectively, the recipient also …
 
Episode 4 of CISO’s Secrets where host and CISO James Azar is joined by the great Ross Young CISO at Caterpillar Financial to discuss the framework he made mapping NIST controls to OWASP threat and safeguard matrix and how he put together, how CISO’s can leverage it in their organization and how security controls play a significant role in the fram…
 
Dr. Eric Cole of Secure Anchor joins us in this episode to talk about the misconceptions of what a CISO should really be. This episode focuses on the corporate side of cyber security and the line between a CISO and a security engineer. BACKGROUND Dr. Cole has over 30 years of cyber security experience. Before that, he was a hacker for eight years fo…
 
Curtis Simpson, CISO of Armis joins us to discuss the pros and cons of starting your career in a small organization versus a large enterprise. How can you influence and inform business partners from a security perspective? Why do people believe the CISO shouldn’t report to the CIO? BACKGROUND Curtis likes to say he was born with a keyboard in his h…
 
Max Garcia, CISO at NCR Financial, joins host James Azar for this week’s episode of CISOs Secrets. The two CISOs discuss the migration from legacy to cloud systems, how the migration changes the landscape of audits and what CISOs need to plan for as they transition and prepare for audits. http://bit.ly/2NT5vmH
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/this-is-the-year-im-going-to-lose-weight-and-care-about-security/ Every year I say I'm going to do it. I'm going to get healthy and be much better about securing my digital identity and my data. But then after about two weeks I give up, use the same password ac…
 
Employee Retention Strategies for CISOs Employee retention of top talent should be on the mind of every CISO today. Recruiters are focused on coaxing the best employees away from organizations due to the perceived skills shortage in the information security industry. When an employee approaches you about an offer from another company, how should yo…
 
The Australian Cyber Security Center (ACSC) believes that not all cyber security controls are created equal. They have assessed various strategies to mitigate cyber security incidents and determined there are eight essential cyber security controls which safeguard any organization more than another control. These controls are commonly known as, "The…
 
Kurt John joins host & CISO James Azar to discuss the best practices of IT/OT security in an era of manufacturing vulnerabilities and how he focuses his team on the defending, protecting and thinking outside the box to defend the $25B business. The two share several ideas of supply chain management and the integration of IT and OT as well as buildi…
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/please-accept-this-not-a-bribe-gift-as-an-act-of-desperation/ Offering me a gift for a meeting was definitely not Plan A. Or was this a situation that you ran out of creative ideas and it's actually more cost efficient to buy your way into meeting with me? This…
 
As a CISO, one of the key functions you will be responsible for is IT Governance. On this episode we discuss what the intent is for a wide variety of cybersecurity documentation that you can leverage, influence, and enforce. Examples include: Policies Control Objectives Standards Guidelines Controls Procedures ... Helpful visual from ComplianceForg…
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/foul-that-interview-question-is-unfair/ Pick a side. You either want your employees to have a work/life balance, or you want them to be obsessed with security 24/7. You can't have both. This episode is hosted by me, David Spark (@dspark), producer of CISO Serie…
 
This is our inaugural episode and an exciting one. HBO Max CISO Brian Lozada joined host & CISO James Azar to discuss Cloud Security and how securing the cloud and working in a SaaS environment can challenge a CISO and what Brian does to ensure he empowers his team and organization to be secure. Earn your CISO's Secrets membership badge at http://b…
 
At some point in time, a CISO will need to purchase new security technology. Whether it's antivirus, firewalls, or SIEMs you need to understand how to choose a product that will benefit your organization for years to come. This podcast discusses 5 different techniques that CISOs can apply to help with product selection Perform Market Research to le…
 
All links and images for this episode can be found on CISO Series (https://cisoseries.com/why-do-we-fire-the-ciso-tradition/) Yes, firing the CISO probably won't solve our security issues. But our community has a multi-generational heritage of relying on scapegoats to make them feel good about their decisions. This episode is hosted by me, David Sp…
 
Have you ever wanted to become an executive, but didn’t know what skills to focus on? On this episode of CISO Tradecraft, G Mark Hardy and Ross Young provide guidance from the Office of Personnel Management (Chief Human Resources Agency and personnel policy manager for the US government). The podcast discusses the 6 Fundamental Competencies and the…
 
Artie Wilkowsky, CISO for Dish Network, joins us on this episode to speak about specialization, leadership skills, and the qualities he looks for in new hires. Artie’s Background Artie has been working at Dish for over two years, helping with all their lines of business, such as Sling, Contact, and Wireless. Before that he bounced between consultin…
 
All links and images for this episode can be found on CISO Series (https://cisoseries.com/click-this-link-to-fail-a-phishing-test/) Our phishing tests are designed to make you feel bad about yourself for clicking a link. We're starting to realize these tests are revealing how insensitive we are towards our employees. This episode is hosted by me, D…
 
Making things cheaper, faster, and better is the key to gaining competitive advantage. If you can gain a competitive advantage in cyber, then you will reduce risk to the business and protect key revenue streams. This episode discusses the three ways of DevOps and how you can use them to improve information security. The three ways of DevOps consist…
 
All links and images for this episode can be found on CISO Series https://cisoseries.com/our-hope-it-doesnt-happen-to-me-security-strategy/ We're thinking it just might be possible to wish our security problems away. This episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our sponsored guest this week is Steve…
 
Most organizations generate revenue by hosting online transactions. Cryptography is a key enabler to securing online transactions in untrusted spaces. Therefore it's important for CISOs to understand how it works. This episode discusses the fundamentals of cryptography: What are the requirements for cryptography? How long has cryptography been arou…
 
Gorka Sadowski, the CSO of Exabeam, joins us on this episode to speak about his decades of experience in cybersecurity and what he’s learned about acquiring new technology. Gorka’s Journey Although Gorka became Chief Strategy Officer for Exabeam only three months ago, he has over 30 years of experience in cybersecurity. Gorka has learned many valua…
 
All links and images for this episode can be found on CISO Series (https://cisoseries.com/hey-reseller-whats-the-value-youre-adding/) It seems that you're offering so much more when you add the VA ("value added") in front of your title. What is that? Why am I working with you rather than buying directly from the vendor? This episode is hosted by me…
 
Understanding how to secure the cloud is a crucial piece of tradecraft that every CISO needs to understand. This episode provides an in depth discussion of AWS's 7 design principles for securing the cloud: Implement a strong identity foundation Enable traceability Apply security at all layers Automate security best practices Protect data in transit…
 