DiscoverThe Virtual CISO Moment
The Virtual CISO Moment

The Virtual CISO Moment

Author: Greg Schaffer

Subscribed: 12Played: 1,084
Share

Description

The Virtual CISO Moment dives into the stories of information security, information technology, and risk management pros; what drives them and what makes them successful while helping small and midsized business (SMB) security needs. No frills, no glamour, no transparent whiteboard text, no complex graphics, and no script - just honest discussion of SMB information security risk issues. Email greg.schaffer@secondchancebook.org. A Second Chance Publishing, LLC podcast.
445 Episodes
Reverse
David Primor is the Founder and CEO of Cynomi, which addresses a critical gap in mid-market cyber protection - creating and executing a cyber and compliance strategy for companies with insufficient (or no) cyber personnel. He spent the first half of his career as a strategic cyber expert and leader, on the front lines of state-level cyber defense (8200, Israeli National Cyber Security Authority). He believes one of the next big challenges (and opportunities) in cyber is in the SMB space - providing optimal protection for companies with a very limited cyber budget and little to no in-house expertise. Cynomi’s AI powered offering does just that.
Nick Espinosa is the Chief Security Fanatic at Security Fanatics, author, speaker, and radio show host. An expert in cybersecurity and network infrastructure, Nick has consulted with clients ranging from the small business owners up to Fortune 100 level companies. Nick has designed, built, and implemented multinational networks, encryption systems, and multi-tiered infrastructures as well as small business environments. He is passionate about emerging technology and enjoys creating, breaking, and fixing test environments.
Lisa Plaggemier, the Executive Director at National Cyber Security Alliance, joins us for our special April Wednesday end of month episode. She is a creative and revenue-driven Marketing and Strategy Executive. She excels at creating attainable strategic vision that inspires employees and attracts customers, is respected by CSOs and CISOs, is a winner of the SC Magazine’s Reboot Thought Leadership Award, and is a frequent speaker at RSA and SANS. She joins us to explain how the National Cyber Security Alliance helps with both personal and small and midsized business security, including a new initiative for SMBs.
Davy Cox is the founder of Brainframe.com, an all in one ISMS/GRC/DMS/QMS that can help SMBs and vCISOs manage their information security programs. With a bachelor in ICT, a Master in Security (RSSI), a AWS Solution Architect - professional certification and more than 15 years hands on experience leading IT, infrastructure and infosec, he can highly augment the success, efficiency and stability of any challenging environment. Over the years he has built up a deep understanding and experience on ISO2700x security implementations, HDS compliance, GDPR compliance (with medical products) and effective hands on security hardening best practices for high traffic online services. He has built up a "security & privacy by design" mentality which he strives to spread among the people he works with.
In a special Wednesday episode, Don Colliver joins us to discuss how to be successful making technical presentations. He is an Enterprise Communications Consultant and Technology Evangelist and the author of "Wink: Transforming Public Speaking With Clown Presence" available in paperback, eBook, hardcover, and audiobook through Amazon and all major retailers. He empowers leaders and enterprise organizations to connect more effectively through their messaging with new-school authenticity, spontaneous fun, and transformative results. For more information, check out: https://www.winktechtalks.com https://www.doncolliver.com/engage
Ryan Spellman is the Managing Director, Cyber Risk Managing Director, Cyber Risk at K logix. There are many vCISO and other cyber security consultants who offer third-party risk services but have minimal exposure to the issues associated with third-party risk, which are markedly different than enterprise risk. Learn what a vTPCISO is, why it matters, and what questions to ask of your vCISO when they suggest adding third party risk service to their offerings.
For our special last Wednesday of the month episode for March, Greg van der Gaast joins us. Greg is an international speaker on Why Security Fails, IT Quality, Leadership, and Strategy. He also is a former hacker, FBI & DoD operative, author, advisor, CISO, and people and culture enthusiast. Listen to hear his fascinating story and what is a major threat for SMB information security that most don't consider. He can be reached at https://gregvandergaast.com/.
Bill Butler is an experienced Vice President Of Engineering with a demonstrated history of working in the hospital and health care and security compliance industry. He is the Founder and VP Engineering of PolicyCo (policyco.io), a platform that lets you tie Regulations, Policies, Procedures, Control Testing and Remediation together in a single platform, along with a host of other features like version control, reporting, sharing, attestations, and a public API.
Michael Lines is CISO for Open Technology Solutions, an expert in developing and leading information security and risk programs for organizations ranging from global enterprises to SaaS startup, and is authoring a book titled Heuristic Risk Management, dealing with why most risk management efforts are ineffective and what to do about it.
From October 25, 2023 - Albert Whale, Founder and CEO of IT Security Solutions, Inc and the developer of ITS Safe which provides real-time continuous protection at machine speed. He has over 30 years of experience with reducing the risk for business owners, minimizing their liabilities and overall risk. He has extensive experience in the techniques that criminal hackers use and identifies the probability and impact risks to exploit their business. He is the author of #Hacked and the primary author of #Hacked2.  https://its-safe.com/ https://thehackedbook2.com/
Carlota Sage is the Founder and Community CISO for Pocket CISO, thrives in that squishy area where business and technology meet human nature, and builds the relationships that get security, technology, business processes and people working together better, and has a background that includes information architecture, enterprise infrastructure, information security, and knowledge management. Among other things we discuss the vCISO space and the importance of brake lines!
Silicon Valley Bank fallout, AI risks to business, AI generated YouTube risks, how to master cyber threat intel skills, and eight websites to check if an email address was compromised. https://www.nbcnews.com/business/business-news/treasury-says-will-back-silicon-valley-bank-deposits-rcna74570 https://nypost.com/2023/03/13/hsbc-will-buy-uk-subsidiary-of-collapsed-silicon-valley-bank/ https://www.helpnetsecurity.com/2023/03/13/svb-cyber-fraud/ https://securityaffairs.com/143394/security/company-data-chatgpt-risks.html https://thehackernews.com/2023/03/warning-ai-generated-youtube-video.html https://infosecwriteups.com/how-to-master-in-real-cyber-threat-intelligence-build-military-grade-intelligence-skills-7df418b4b508 https://infosecwriteups.com/8-free-websites-to-check-if-your-email-address-is-compromised-7e8742e099c6
https://www.tsa.gov/news/press/releases/2023/03/07/tsa-issues-new-cybersecurity-requirements-airport-and-aircraft https://www.bleepingcomputer.com/news/security/sonicwall-devices-infected-by-malware-that-survives-firmware-upgrades/ https://thehackernews.com/2023/03/lastpass-hack-engineers-failure-to.html https://www.theregister.com/2023/03/08/acer_confirms_server_breach/ https://krebsonsecurity.com/2023/03/sued-by-meta-freenom-halts-domain-registrations/ https://www.bleepingcomputer.com/news/security/duckduckgo-launches-ai-powered-search-query-answering-tool/ https://www.nist.gov/itl/applied-cybersecurity/nice/resources/veteran-resources https://www.hackread.com/businesses-focus-on-cybersecurity/ https://www.helpnetsecurity.com/2023/03/08/building-perfect-cybersecurity-startup/
From October 19. 2022 - Jon Sternstein is the Founder and Principal of Stern Security, a cyber security company headquartered in Raleigh, NC. He is co-author of the Cisco Press course titled “Security Penetration Testing (The Art of Hacking) LiveLessons”, holds many security certifications including: GIAC Penetration Tester and Certified Information Systems Security Professional (CISSP), is a featured cyber security expert, and talks with us about managing risks - and a little guitar! Recorded at RETR3AT Cyber Conference Montreat College September 23, 2022.
Dave Sobel is the host of the Business of Tech podcast (https://www.businessof.tech/), a leading IT services focused news and analysis podcast and YouTube show, and owner of MSP Radio. He is regarded as a leading expert in the delivery of technology services, with broad experience in both technology and business. He owned and operated an IT Solution Provider and MSP for over a decade, both acquiring other organizations and eventually being acquired. Dave holds a bachelor's degree in Computer Science from the College of William and Mary. He is a dynamic voice within the IT community, a former member and facilitator for Heartland Technology Groups and passionate about collaborating with clients and peers on utilizing technology to advance organizations.
https://www.washingtonpost.com/technology/2023/03/05/ai-voice-scam/ https://securityaffairs.com/143051/data-breach/credential-stuffing-chick-fil-a.html https://www.bitdefender.com/blog/hotforsecurity/recent-cybersecurity-study-reveals-top-us-states-to-suffer-data-breaches/ https://www.sfgate.com/tech/article/oakland-ransomware-attackers-may-leak-data-17818589.php https://www.cisa.gov/news-events/alerts/2023/03/01/cisa-releases-decider-tool-help-mitre-attck-mapping https://www.helpnetsecurity.com/2023/03/01/burp-suite-penetration-testing-extensions/
https://www.wsj.com/articles/biden-national-cyber-strategy-seeks-to-hold-software-firms-liable-for-insecurity-67c592d6 https://www.reuters.com/technology/white-house-gives-agencies-30-days-impose-federal-device-tiktok-ban-2023-02-27/ https://krebsonsecurity.com/2023/02/hackers-claim-they-breached-t-mobile-more-than-100-times-in-2022/ https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/ https://piunikaweb.com/2023/03/02/windows-calendar-app-crashing-or-not-opening-fix-in-works/ https://www.insurancejournal.com/news/national/2022/08/30/682564.html https://www.bankinfosecurity.com/10-belt-tightening-tips-for-cisos-to-weather-downturn-a-21321
From October 19, 2022 - Keith Maune, Founder & COO at Acumen Technology, discusses his IT and cybersecurity path, from doing consulting work for companies needing website design and programming services, working after school and full-time during the summers, pursuing a BS and MBA while working full-time as co-owner and CIO of Advanced Network Solutions, earning a law degree, and launching Acumen Technology, a comprehensive managed services organization that serves Middle Tennessee as the premier IT services provider for community banks, healthcare providers, and professional services organizations.
Caroline McCaffery is a lawyer who started a data privacy and cybersecurity technology company called ClearOPS to provide technology to virtual CISOs. B2B2B It is a customer relationship management tool + work automation for managing security programs, such as vendor management, gap analysis, security posture and security questionnaire response. She also hosts The vCISO Chronicles, a new podcast series focused on telling the stories of virtual CISOs.
https://www.smh.com.au/national/fake-russian-diplomats-revealed-as-heart-of-hive-spy-ring-in-australia-20230223-p5cmxz.html https://www.businessinsider.com/hackers-ransomware-getting-laid-off-amid-better-cybersecurity-report-2023-2 https://www.abc.net.au/news/2023-02-27/national-cyber-office-to-be-established-in-wake-of-optus-hack/102026156 https://www.secureworld.io/industry-news/european-commission-tiktok-ban https://www.darkreading.com/risk/1-in-4-cisos-will-leave-cybersecurity-by-2025 https://media.defense.gov/2023/Feb/22/2003165170/-1/-1/0/CSI_BEST_PRACTICES_FOR_SECURING_YOUR_HOME_NETWORK.PDF https://www.tripwire.com/state-of-security/ways-cyber-attackers-are-looking-exploit-government-agencies
loading