Claim OwnershipThe Business of InfoSec Podcast
Subscribed: 3Played: 11
Subscribe
© Business of InfoSec by Corinium
Description
The Business of InfoSec Podcast is dedicated to providing a voice to the global information security community. Each episode is focused on a specific topic area, uncovering the most pertinent issues facing infosec, data security, identity access management, cyber/risk insurance & IoT security leaders.
22 Episodes
Reverse
During the Equifax 2017 Data Breach (which exposed the sensitive information on 146 million US consumers), Graeme Payne was Senior Vice President and CIO of Global Corporate Platforms. He was fired the day before the former Chairman and CEO of Equifax testified to Congress that the root cause of the data breach was human error and technological failure. Graeme would later be identified as “the human error”.
In this episode of the Business of InfoSec Podcast, host Michelle Ribeiro talks with Graeme Payne on lessons learned from the Equifax data breach and ideas on how cybersecurity leaders can effectively report risks to the board.
In the discussion this week:
How the CISO role is changing and blending into the CIO role
What the cybersecurity role might look like in the future
Biggest challenges cybersecurity leaders face when reporting risks to the board, and tips and hints on how to overcome them
“Dos” and “don’ts” when engaging the board and building stronger security programs and maturing their capabilities
Neil Thacker, Chief Information Security Officer at cloud security firm Netskope thinks it’s time for Security to shake off its reputation as a roadblock to innovation.
If you’d like to connect with Neil to continue the conversation you can connect with him on LinkedIn here.
Naveed Islam, Chief Information Security Officer at UK-based payments company Dojo, argues that people are the first line of cybersecurity defense
Maricopa County CISO Lester Godsey shares his experiences overseeing information security in a hotly contested presidential election
In this episode of the Business of InfoSec Podcast, we talk to Center for Internet Security editorial panel member Rick Doten about the version eight updates to the organization’s CIS Controls
In the last of our conversations from CISO London, L&Q Group CISO Goher Mohammad explains how best to prepare your organization in a rapidly changing threat landscape and what he expects from attackers in the coming year.
In this episode of the Business of InfoSec Podcast TrueBlue CISO and SVP Karen Holmes explains why she is putting automation and orchestration at the heart of her firm’s cybersecurity strategy.
University of Edinburgh Deputy CISO Garry Scobie joins us on the Business of InfoSec Podcast to discuss the implications of IoT on our homes, our cities, and our lives
In this episode of the Business of Infosec podcast, host Michelle Ribeiro is joined by mentor, speaker, podcaster and award-winning Cybersecurity Professional, Jalpa Bhavsar. Together they walk through Jalpa’s bittersweet transition to a cyber role, and how she’s continuously investing in herself to serve her clients and the organisations she works for.
In the discussion this week:
Some of successful ways to identify and leverage transferable soft skills
Strategies to invest in developing the technical skills required for cybersecurity professionals
Jalpa’s inspiring experience shifting careers while going through the maternity journey
Successful examples of people she has mentored, including a chef, a retail store manager, and a civil architect
How Jalpa is continuously supporting those interested in pursing a career in cyber in her video and podcast
In this week’s episode of the Business of Infosec podcast, our host Michelle Ribeiro is joined by Deepa Bradley, Transformation Executive and Daniel Shore Co-Founder, Let’sWeCan. Together they walk through Deepa and Daniel’s journeys into cybersecurity and how to get the best out of your teams.
In the discussion this week:
Psychological safety is not optional – how to create a safe environment for the teams and praise each one of them by letting them know every one of them matters
Cybersecurity decisions are often made on the spot – sometimes they’re good decisions, sometimes not. How can you make sure everyone in the team owns those decisions together?
Building a respectful team is critical in creating high performing teams – strategies to respect their capabilities, understand that people work differently, give them autonomy, and avoid micromanagement
Why you should build a highly capable team before
the organisation is in a crisis mode
Lessons learned from remaining capable and resilient to be a role model in an unhealthy environment
Practical tips and hints for CISOs to roll up
their sleeves and turn their teams into highly capable teams
In this week’s episode of the Business of Infosec podcast,
our host Michelle Ribeiro is joined by Rob Wiggan, a Former CISO and accomplished IT professional with over 25 years of industry experience. Together they walk through Rob’s background, what he has learned during his experiences as a CISO, how to understand what you need for your cyber insurance strategy and adopt a winning approach for your organisation.
In the discussion this week:
Is there life after CISO?
Most common myths around cyber insurance – and how to bust them
Speaking from his experience as a previous CISO who understands the challenges of the role, Rob shares how CISOs should rethink their cyber insurance strategy
How risk management and cyber insurance can complement other cyber security solutions
Successful ways to take cyber insurance as part of your company’s risk management approach
Last, but not least, how CISOs can get buy-in from senior management when adopting cyber insurance
In this week’s episode of the Business of Infosec podcast, our host Michelle Ribeiro is joined by Award-Winning Cybersecurity Strategist, Jay Hira. Together they walk through Jay’s impressive background studying computer science and engineering and starting his career in security as a penetration tester. With an incredible wealth of knowledge, Jay shares invaluable tips on how to make your Zero Trust strategy work. He also stresses the importance of diversity, inclusion, and collaboration in cyber.
In the discussion this week:
Some of successful ways companies can benefit from having a diverse cybersecurity teams
Tips to keep up with the evolving threat landscape that’s forcing companies to review the way they operate and make strategic decisions
Why collaboration is paramount and how it can be successfully applied to the cybersecurity function across different businesses
Zero Trust is not a new concept – how it has evolved, and why organisations should shift focus on the strategy instead of the tool
Dos and don’ts of Zero Trust strategy
In this week’s episode of the Business of Infosec podcast, our host Michelle Ribeiro is joined by UniSuper’s Cyber Security Analyst, Security Operations Cosi Robinson. Together they walk through Cosi’s inspirational career transition from an Executive Assistant role into the cybersecurity world. She also shares her experience as a victim of identity theft, the implications and repercussions it has had on her life, and advice on preventative measures. She also shares invaluable tips on steps one should take if you fall victim to this crime.
In the discussion this week:
Some of the unimaginable skills an EA can transfer into a cybersecurity role, including board reporting
Overcoming career transition challenges, uncertainties, tips to prepare and the importance of a good mentor to boost your confidence
How overnight studying and hard work paid off and left Cosi with an incredible sense of mission accomplished and achievement
How being a victim of identify theft has affected her life ten years ago
Her inspiring journey taking control of life while looking after her mental health during those challenging days
Recovering from one of the hardest things she has ever had to deal with
How she uses her experience to increase cybersecurity awareness and positively change people’s behaviors
In this week’s episode of the Business of Infosec podcast, our host Michelle Ribeiro is joined by Chirag Joshi, Best Selling Author of the 7 Rules to Influence Behaviour and Win at Cyber Security. They lost track of time in an organic conversation around Chirag’s journey into cybersecurity and his wealth of knowledge across different countries and industry sectors.
In the discussion this week:
The importance of moving beyond the concept of awareness by changing the culture and encouraging everyone to act
How the CISO role has evolved so dramatically from technical to advisor and the importance of developing the skills to enable them to articulate threats in a way that translates to financials and risks
The soft skills required for the new CISO: how to develop abilities in finance, contract management, negotiation skills, change manager, and many others
The CISO role has gained tremendous importance to most businesses: what are the dos and don’ts for them to meet what’s now expected of their prominent position
The importance of not being a function of “no”
Developing emotional intelligence by continuously improving yourself
Improving your story-telling skills: good stories inspire emotions, and emotions inspire people to act, which is a key responsibility of any cybersecurity practitioner
In this week’s episode of the Business of Infosec podcast, our host Michelle Ribeiro is joined by Jo Stewart-Rattray, CSO for Silver Chain. Together they walk through Jo’s journey into IT and security and her immense experience supporting female leaders advance their careers by hard work, confident and determination.
In the discussion this week:
Ways for women to advance their careers by investing in education, not being afraid of failure, moving on and chasing their dreams
Successful ways to communicate to the board and describe the importance of cybersecurity investments
Ensuring your organisation has strong cyber hygiene practices before going to more elaborate solutions
Assess if your organisation is investing an appropriate amount of money in security based on its needs and its level of maturity
Speaking the business language in a professional and strategic way – don’t just throw acronyms, explain things in a clear and objective way, why invest and the benefits
Don’t underestimate the board’s knowledge and understanding of technology
Approach technology as an enabler, not the focus
In this week’s episode of the Business of Infosec podcast, our host Michelle Ribeiro is joined by Rosemary Cooper, Global Information Systems - Governance, Risk and Compliance Manager for Sonic Healthcare. Together they walk through Rosemary’s journey into IT and how a strong data governance framework can dramatically reduce cyber risks.
In the discussion this week:
What cross-sector organisations can learn from data governance in healthcare as protecting the patient’s information has always been a top priority
The CIA Triad of Data – how to get the right balance between confidentiality, integrity and availability
Cyber gets a lot of attention but if data governance is done well risks should be reduced
How to put data governance in the right place in the organisation and give it the right authority
How does a weak data governance framework look like?
And how does a good data governance model look like
When it comes to cybersecurity how do you know what you have in place is effective
In this week’s episode of the Business of Infosec Podcast, our host Michelle Ribeiro is joined by Faizal Janif, Executive Advisory Board Member for the Australian Information Security Association, and Advisory Board Member from Corinium APAC CISO Advisory Board. Together they walk through Faizal’s journey into cyber and his vast experience planning and executing cyber strategy.
In the discussion this week:
The risks and implications of the tick box exercises for CISOs and the organisation
How well do executives understand the effectiveness of their cyber tools – are they implementing it effectively?
How to get out of the “should be alright” attitude and invest in adopting a proactive – as opposed to reactive – approach
Getting an in-depth understanding of your business and your people and adopting an appropriate level of cyber investment for your organisation
How will the next-gen workforce want to operate and how companies and cybersecurity will have to adapt to the employee of the future
Deepa Bradley, a Global Transformation Senior Executive chats with us about risk quantification – challenges, solutions, and future plans
In this week’s episode of the Business of Infosec podcast, our host Michelle Ribeiro is joined by Deepa Bradley, a Global Transformation Executive with experiences as a member of SEEK’s cyber leadership team, and a leader of the cyber security team for the UK Government. Together they walk through Deepa’s journey into cyber and her experiences on risk quantification.
In the discussion this week:
Breaches can affect a country’s entire population resulting in loss of services and impacting processes and scheduling
The formula that can estimate the dollar figure of those impacts
Some of the key risk quantification challenges and successful ways to overcome them
How to mature the organisation’s capabilities and strengthen the cyber posture in times of high risk
Advice for leaders wanting to articulate risk quantification
How the board, cyber and risk teams can work together to avoid being caught unaware
iRhythm Technologies Privacy and Compliance Lead Jonathan Craven discusses how psychology can be a useful tool to promote cyber-secure behavior in the workplace
In this episode of the Business of InfoSec Podcast The Francis Crick Institute CISO Guy Morrell shares the successes, challenges, and surprises that he experienced during his first year as a CISO
Comments
Download from Google Play
Download from App Store
United States