BSWEpisode172

From Security Weekly Wiki
Jump to navigationJump to search

Business Security Weekly Episode #172 - May 04, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Interview - Lessons Learned from a Data Breach - 03:00 PM-03:30 PM


Announcements

  • Join the Security Weekly Mailing List by visiting securityweekly.com/subscribe and clicking the button to join the list! We will be starting to roll out our public Discord channel in the next week or so and our mailing list subscribers will get the first invites!
  • Learn how penetration testing reduces risk in our next live webcast with Core Security (a Help Systems Company). Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts/trainings by visiting securityweekly.com/ondemand.

Description

During the Equifax 2017 Data Breach, Graeme Payne was Senior Vice President and CIO of Global Corporate Platforms. He was fired the day before the former Chairman and CEO of Equifax testified to Congress that the root cause of the data breach was a human error and technological failure. Graeme would later be identified as “the human error”.



Guest(s)

Graeme Payne

Graeme Payne is a consultant, speaker, and coach. He works with boards and senior executives to help them understand and manage cybersecurity and IT risks. He has over 30 years of experience in consulting and IT management in financial services, insurance, healthcare, retail, manufacturing, and utility industries. During the Equifax 2017 Data Breach (which exposed the sensitive information on 146 million US consumers), he was Senior Vice President and CIO of Global Corporate Platforms. He was fired the day before the former Chairman and CEO of Equifax testified to Congress that the root cause of the data breach was a human error and technological failure. Graeme would later be identified as “the human error”. Prior to joining Equifax in 2011, Graeme was a Principal at Ernst & Young and Global Leader of Governance, Risk & Compliance at Wipro Consulting. Over his 30 year career, he has consulted with hundreds of companies on cybersecurity and IT risk programs. Graeme started his career as an accountant and holds many security and IT risk certifications. He grew up and worked in New Zealand before moving to the United States in 1995.


Hosts

2. News - CISO Burnout, 7 Rules to Stay Productive, and Hire Great Talent Now! - 03:30 PM-04:00 PM


Description

In the leadership and communications section, CISO position burnout causes high churn rate, 7 Rules for Staying Productive Long-Term, Now Is an Unprecedented Opportunity to Hire Great Talent, and more!


Hosts

Jason Albuquerque's Content:

Articles

Matt Alderman's Content:

Articles

  • CISO position burnout causes high churn rate - Research from Enterprise Strategy Group (ESG) suggests that, on average, a CISO lasts just two to four years on the job before moving on to another position -- and many point to cybersecurity burnout as a top driver of CISO churn.
  • 7 Rules for Staying Productive Long-Term - Ultimately, everybody has a system for productivity. If your system is going to be liberating rather than suffocating, however, you need to follow a few guidelines:
  1. Your system needs to fit your work (not the other way around)
  2. The system should counterbalance your worst tendencies
  3. The system needs a way of dealing with exceptions
  4. A good productivity system shouldn’t “feel” productive
  5. If your work changes, your system should too
  6. Always measure against your baseline (not somebody else’s)
  7. A system cannot give your work meaning or motivation
  • No going back to packed workplaces after Covid-19 - A recent project by IT service providers outlines how, in a post-coronavirus world, businesses like Barclays Bank will reduce their reliance on skyscrapers packed with people.
  • A long-term move to remote work will expand tech talent market access - According to Hired's State of Remote Work 2020 report, which surveyed 2,200 tech workers and 300 companies:
    • The pandemic-driven lockdown has made half of North American tech professionals more interested in remote work than before
    • A looming recession pushed 43% of tech professionals to actively search for new job opportunities
    • The majority of businesses continue to hire, with 68% of employers actively hiring
  • Now Is an Unprecedented Opportunity to Hire Great Talent - How to seize the opportunity:
    • Ask your top leaders to list three to five great players they would have liked to have hired over the past five years and then check in with those people.
    • Set up a task force to source potential candidates from target sectors and companies who may now be either jobless or open to change.
    • Interview and check references remotely with the same rigor you would in person.
    • Go out of your way to motivate the best candidates.
    • Don’t ignore the sourcing, retaining, and development of in-house talent.
  • Crisis pressure tests digital strategies as time-to-recovery estimates extend - According to a PwC survey of 305 U.S. CFOs and finance executives, conducted April 20-22:
    • More than three-quarters of organizations plan to change workplace safety measures and requirements and 65% plan to rework sites to enable physical distancing
    • Half of companies plan to make remote work a permanent option for the jobs that allow it
    • One-quarter of companies are considering real estate footprint reductions
    • Cost containment remains a primary focus across all industries as 86% of companies are implementing cost-containment measures

Paul Asadoorian's Content:

Articles