From Security Weekly Wiki
Jump to navigationJump to search

Business Security Weekly #85

Recorded May 14, 2018 at G-Unit Studios in Rhode Island!


  • Michael Santarcangelo
    Founder of Security Catalyst, author of Into the Breach, and creator of the Straight Talk Framework.
  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Announcements

    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at:
    • Ticket Sales are open for Social Engineering RI Conference. Saturday, June 6th at Salve Regina University in Newport RI. Go to - to register! Patrick Laverty will be joining us for an interview next week. Stay tuned to hear more about this conference!

    Interview: George Finney, Southern Methodist University

    George Finney
    is the Chief Security Officer at Southern Methodist University. [

    George Finney, is the Chief Security Officer for Southern Methodist University and is the author of No More Magic Wands: Transformative Cybersecurity Change for Everyone. He has also taught in the SMU School of Engineering on the subject of Corporate Cybersecurity and Information Assurance. Before joining SMU, George worked with several startups and global telecommunications firms designing networks, writing policy, hardening servers, and educating users. George received his J.D. from Southern Methodist University's Dedman School of Law and his B.A. in mathematics and philosophy from St. John's College in Santa Fe, New Mexico. George is a member of the Texas CISO Council, a governing body member of the Evanta CISO Coalition, and an advisory board member for SecureWorld. George is an licensed attorney in the state of Texas, a Certified Information Privacy Professional, a Certified Information Security Manager, as well as a Certified Information Security Systems Professional and is a frequent speaker on Cybersecurity topics across the country. His blog can be found at where he writes on topics focusing on improving Cybersecurity awareness through a unique approach that combines neuroscience, psychology, and wellness.

    Check out these insights from George:

    Article Discussion on Leadership, Communication, and Innovation

    Why People Really Quit Their Jobs

    • ‘’They left when their job wasn’t enjoyable, their strengths weren’t being used, and they weren’t growing in their careers.’’
    • Design the work; focus on people first
    • ‘’enable them to do work they enjoy, help them play to their strengths, and carve a path for career development that accommodates personal priorities.’’

    This Company Spent 300,000 Hours a Year in Pointless Meetings

    • Time in meeting, time spent preparing, supporting… and handling results
    • Think about what you accept
    • Consider the time to prep
    • Agendas and schedules (connect back to what you accept)
    • Uninvite yourself… and protect your team

    An Ode To The OKR - How To Motivate Greater Ambition In Teams

    • OKR = objective and key result
    • Shoot for 70% (what is success, anyway?)
    • How do you shift your mindset?
    • What is your goal… and quantified measure of success?
    • Specific, hard goals set the stage for more success

    Why You Need an Untouchable Day Every Week

    • Makers versus managers; block the time you need for both
    • Push too hard and things break (ode to Straight Talk and friction)
    • Schedule the untouchable day WEEKS in advance; before anything else
    • No deletion, but you can shift it

    How Good Customer Experience Can Turn Bad, in the Swipe of a Credit Card

    • What’s your backup when the system fails?
    • We are less tolerant of poor experiences
    • Treat your employees like customers - more engaged, productive, and loyal
    • What about the systems our people use interacting with customers?

    Tracking Security Innovation

    Data Breaches Decline In Number

    • Q1 2018 is a four-year low in terms of the number of breaches
    • Only 1.4B records exposed, down from 3.4B last year - and 1.27B were the result of fraud
    • Email phishing declined to 31 from 214 the year before
    • Blip, trend, or something else?
    • Criminals finding new trends?

    PhishLabs-BrandProtect merger

    The recently combined entity will provide a range of threat intelligence and mitigation services. Existing PhishLabs investor Alerion Ventures also participated in the round.

    Avast cuts proposed IPO range

    SafeBreach raised $15M Series B

    • ‘’SafeBreach develops a disruptive security platform that enables enterprises to execute breach scenarios and find issues in their network.’’
    • $34M over 3 rounds, including a July 2016 series A of $15M
    • Simulation and validation; does it help training?

    Red Canary raised $6.3M in Equity

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+