BSWEpisode177

From Security Weekly Wiki
Jump to navigationJump to search

Business Security Weekly Episode #177 - June 15, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Interview - How CISOs Can Best Prioritize Security With a Decreased Budget - 03:00 PM-03:30 PM


Announcements

  • Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
  • We are looking for high-quality guest suggestions for all of our podcasts to fill our Q3 recording schedule! Submit your suggestions for guests by visiting securityweekly.com/guests and submitting the form! We review suggestions monthly and will reach out to you once reviewed!

Description

The recent pandemic has been a financial burden across the country while also forcing businesses to transition to a work from home environment where IT and security departments were tasked with making sure their security infrastructure were prepared. As the country slowly begins to reopen, organizations may not have the necessary funds to spend on areas of their business, including security. Knowing what security best practices to prioritize can help organizations reduce risks, while getting back to work, without breaking the bank.



Guest(s)

Lewie Dunsworth

As CEO, Lewie works closely with the leadership team developing growth strategies and ensuring the company consistently delivers on its mission and strategic goals. Lewie is a visionary leader who is passionate and well respected in the cybersecurity space. His innovation drives business objectives and is an expert in navigating enterprise cultures, while focusing on helping organizations prioritize risk and effectively managing resources. Lewie brings more than 20 years of information security experience to the company.


Hosts

2. News - Virtual CISO, How to Negotiate Virtually, & Endpoint Security - 03:30 PM-04:00 PM


Announcements

  • Join the Security Weekly Mailing List & receive your invite to our community Discord server by visiting securityweekly.com/subscribe and clicking the button to join the list!
  • Learn how to prevent account takeover attacks in our next June webcast with Google Cloud! In our first July webcast, you will learn how to stitch and enrich flow data for security with VIAVI Solutions! Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

In the Leadership and Communications section, Five signs a virtual CISO makes sense for your organization, How to Negotiate — Virtually, Why Securing Endpoints Is The Future Of Cybersecurity, and more!


Hosts

Jason Albuquerque's Content:

Articles

Matt Alderman's Content:

Articles

  1. You have a lot to protect
  2. Your organization is complex
  3. Your attack surface is broad
  4. Your industry is highly regulated
  5. Your risk tolerance is low
  • Cybersecurity In The M&A Process: A CISO's Strategy - Mergers and acquisitions can quickly enable growth within organizations and push companies to new heights. However, a looming question for all cybersecurity practitioners is: Where are the cybersecurity considerations during the due diligence process?
  • How to Negotiate — Virtually - Negotiating virtually tends to leave parties with poorer objective results and feeling less warmth and trust toward one another. Here are some ways enhance the chances for success in virtual settings.
    • When Planning Virtual Negotiations...
  1. Assign clear roles to your team.
  2. Specify – and practice with – offline methods for chatting.
  3. But keep chatting brief.
  4. Video is best; the bigger the better.
  5. Short and sweet.
    • When Leading Virtual Negotiations...
  1. Connect at the outset.
  2. Clarify constraints and assumptions.
  3. Westerners: hide your self-view?
  1. Organizations will have to toughen their cybersecurity policies to deal with the increased risks of employees using their own computers.
  2. IT will have to make sure all the applications allowing remote access to the organization are locked down.
  3. Employees will have to be smarter and safer using computers from home.
  1. 70% of breaches are perpetrated by external actors, making endpoint security a high priority in any cybersecurity strategy.
  2. Attacks on Web apps accessed from endpoints were part of 43% of breaches, more than double the results from last year.
  3. The lack of diligence around Asset Management is creating new threat surfaces as organizations often don’t know the current health, configurations, or locations of their systems and devices.# Cloud assets were involved in about 24% of breaches this year, while on-premises assets are still 70%.
  4. Over 80% of breaches within hacking involve brute force or the use of lost or stolen credentials.
  1. Employers across sectors added 28,000 technology workers in May
  2. The increase in tech positions indicates a sign of recovery for national tech employment, which had previously shed 19,000 positions in March
  3. The unemployment rates for tech occupations showed signs of improvement in May, dropping to 3.7% from 4.3% in April