Bsw186

From Security Weekly Wiki
Jump to navigationJump to search

Business Security Weekly Episode #186 - August 31, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. CISO Interview: Role of the CISO, Why Do You Need a vCISO? - 03:00 PM-03:30 PM


Announcements

  • Security Weekly is ramping up our webcast/technical training schedule for the rest of 2020! In September you can Learn How to Extend the Enterprise Network for Remote Workers and Protect Your Home Network, Find out Why Traditional Data Security Can’t Be Zero Trust, and Learn how to reduce the blast radius of your cloud infrastructure. Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

Organizations need a highly skilled security chief to drive fundamental initiatives and align activities to address pressing enterprise needs. Proven CISOs (Chief Information Security Officers) are hard to find and essentially they could become challenging to retain and afford. Flexible Virtual CISO model is an excellent choice to achieve your enterprise goals in terms of security. Companies usually face diverse challenges in term of cost, retention, limited talent in a particular location, etc. The solution to achieve operational excellence and drive highly successful security programs at a fraction of the cost, is to hire a vCISO. A Virtual CISO will occupy the same place in the organization a full-time CISO would, but in a more cost-effective way. A vCISO will provide strategy, guidance, and oversight to achieve operational success in security. Operating with an independent voice, they often can escape the internal politics that plague some organizations.


Segment Resources: https://www.linkedin.com/pulse/why-do-you-need-virtual-ciso-carlos-becerra-cciso/


Guest(s)

Carlos Becerra

Carlos Becerra, CB Universal’s Co-Founder, is an entrepreneur and a seasoned executive with 20+ years of experience building & establishing specialized technology risk & cybersecurity programs. During his career trajectory Carlos has designed, implemented and led the information security organization for multiple Fortune 500 companies. He is recognized for his ability to navigate risk through innovative leadership and vision. Carlos has the proven ability to craft robust and successful security programs, leveraging his deep technical background and strong business acumen to align technology with executive vision. He is a strong advocate for security at all levels of the organization and knows how to build executive and board-level support in order to achieve success. Carlos is serving as the CEO, Independent vCISO, and Chief Security Officer at CB Universal.


Hosts

2. 7 Keys, 7 Elements, & 7 Quotes - 03:30 PM-04:00 PM


Announcements

  • Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

In the Leadership and Communications section, the lucky 7's have it: 7 Keys to Effective Leadership in Our New Normal, The 7 elements of an enterprise cybersecurity culture, 7 Quotes from Military Leaders to Help You Win at Life, and more!


Hosts

Jason Albuquerque's Content:

Articles

Matt Alderman's Content:

Articles

  • 7 Keys to Effective Leadership in Our New Normal - Here’s what it takes to lead a team in 2020 and beyond:
    • Leaders must be proactive in their efforts, and deeply care about how the people around them are doing.
    • Leaders need to share how they’re feeling, as well.
    • Leaders must create a safe environment where people feel a sense of belonging.
    • Leaders have to solidify their mission — and live it out in the world.
    • Leaders must be willing to adapt.
    • Leaders have to remain optimistic about the future, without sugar-coating the present.
    • Leaders must over-communicate.
  • How CISOs Can Play a New Role in Defining the Future of Work - Rather than just reacting to security issues in the COVID-19 era, CISOs are now in a position to be change agents alongside their C-suite peers. Here are four ways they can successfully lead with change and act as more strategic C-level partners:
    • Carve Out More Time with C-Suite Stakeholders
    • Shift Focus from Your Team to the Company as a Whole
    • Balance Remote Work Vulnerabilities with Transformational Change
    • Look to Hire Globally and Expand the Team
  • The office is dead. Get yourself a backyard shed - As working from home turns into a semi-permanent situation for many, the search is on for private workspace. Some people have opted to take over a bedroom or basement to set up their new home office. But others are heading to the backyard.
  • The 7 elements of an enterprise cybersecurity culture - A cybersecurity culture is one that spans the entire organization -- across teams, processes, metrics and tools. Incorporating the following attributes and best practices throughout an organization is one of the greatest challenges facing security leaders, but doing so has never been more essential:
    • Leadership
    • Cross-functional liaisons
    • Education
    • Cross-functional liaisons
    • Attitudes and behaviors
    • Ecosystem
    • Metrics
  • Managing risk: People-centric cyber security solutions - How to expand cyber security awareness?
    • Stories. One way to get the message across is by using stories. Most people inherently relate to stories more so than data. Incorporate some humor into your stories too, as studies indicate that laughter leads to learning.
    • Gamify security awareness. Consider using a leader board to track who’s most effectively implementing cyber security best practices. Competition converts, as no one wants to be seen as the person who’s not a team player.
    • Create cyber security challenges. You can pit one department against another and see which one is better at __(fill in the blank, based on your own organization’s needs)__. Reward the team that wins. This can lead to behavioral changes and information absorption.
    • Onboarding programs. Consider putting cyber security front and center during employees’ first days or weeks on the job. A cyber security program during onboarding will set the expectations for the rest of employees’ tenure.
  • 7 Quotes from Military Leaders to Help You Win at Life - Life can be a battlefield. You’ll often feel like you have to claw your way to success or happiness. To make that process easier, take these inspiring quotes from some military masters and use them to improve your mindset and give you the strength to overcome your obstacles:
    • “No Guts No Glory”-Frederick C. Blesse
    • “Praise the Bridge that Carried You Over”-George Colman
    • “Out of every one hundred men, ten shouldn’t even be there, eighty are just targets, nine are the real fighters, and we are lucky to have them, for they make the battle.”-Heraclitus
    • “If you find yourself in a fair fight, you didn’t plan your mission properly.”-David Hackworth
    • “Lead me, follow me, or get the hell out of my way.”-George S. Patton Jr
    • “It is fatal to enter a war without the will to win it.”-Douglas MacArthur
    • “Perpetual optimism is the force multiplier.” — Colin Powell

Paul Asadoorian's Content:

Articles