BSWEpisode163

From Paul's Security Weekly
Jump to: navigation, search

Recorded February 10, 2020 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Michael Santarcangelo
    Founder of Security Catalyst, author of Into the Breach, and creator of the Straight Talk Framework.

  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.


    Interview: David Sherry & Tara Schaufler, InfoSec World Speakers

    Tara Schaufleris the Information Security Awareness and Training Program Manager at Princeton University.
    Tara Schaufler is the Information Security Awareness and Training Program Manager at Princeton University. Tara has been at Princeton for 15+ years and has spent the last eight focusing on training and technical communications. Over the past three and a half years she has built a robust security awareness and training program from the ground up. Some projects she tackled included: reconstructing Princeton’s Information Security Office’s website; creating a virtual phish bowl to share current phishing attempts; crafting a new departmental logo; creating games and events to increase engagement with the campus community; and producing and teaching information security classes and communications for end users on a variety of topics. Tara is a member of the HEISC Awareness and Training Working Group and a Certified Professional in Accessibility Core Competencies (CPACC). Tara holds a Bachelor of Arts degree in the social sciences and a Master of Administrative Science degree.





    David Sherryis the Chief Information Security Officer at Princeton University.
    David Sherry serves as the Chief Information Security Officer for Princeton University. He leads the Information Security Office, which has responsibility for security architecture, engineering, operations, risk assessment, compliance, business continuity, disaster recover, and awareness and training. David has over 25 years in information technology, with the last 20 solely focused on security, and has led security missions in several verticals before arriving in higher education twelve years ago. He has an MBA and two security certifications, and is an active participant in the nationwide higher ed security discussion. A lifelong resident of New England, he moved to the Princeton area in 2016, and he’s working hard to teach his staff the Boston accent.

    Segment Topic:
    Zero to Sixty: Making Security Programmatic and Cultural

    Segment Description:
    Our presentation in Orlando will be the rapid cultural change of security on the Princeton campus.



    Leadership Articles

    • Why 67% of companies fear they can't sustain privacy compliance - True privacy depends on where and how data travels. Privacy requires business commitment as data travels and accumulates. Keeping track of data, wherever it migrates to, will keep companies compliant — not a privacy policy hidden at the bottom of a website.
    • General Mills expands C-suite with new tech role - Jaime Montemayor, former chief technology officer at 7-Eleven, will become chief digital and technology officer of General Mills on Feb. 24. CIO Don Monk will report to Montemayor. Montemayor will oversee the IT and Technology Solutions teams, and will lead digital transformation efforts, including boosting data and analytics capabilities.
    • Research: Why We’re Incentivized by Discounts and Surcharges - In four studies, with nearly 2,000 participants, we find that the structure of an incentive—as either a surcharge or a discount—sends a subtle message to people about what others think and do. As social animals, humans are highly motivated to fit in with their peers—that is, to follow what they perceive to be a social norm. Shifting social norms is particularly appealing not only to motivate behavior in the moment, but also because it can lead to lasting behavioral changes.
    • Present Your Data Like a Pro - How you present data can double — or decimate — its impact, so take note of these seven ways to ensure that your data is doing its job.
    1. Make sure your data can be seen
    2. Focus most on the points your data illustrates
    3. Share one — and only one — major point from each chart
    4. Label chart components clearly
    5. Visually highlight “Aha!” zones
    6. Write a slide title that reinforces the data’s point
    7. Present to your audience, not to your data
    1. Understand the role of content in a recruitment campaign
    2. Tailor the message
    3. Use storytelling
    4. Nurture your candidate pipeline


    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+