Difference between revisions of "BSWEpisode175"

From Security Weekly Wiki

Revision as of 20:16, 29 May 2020

Business Security Weekly Episode #175 - June 01, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Interview - How to Truly Disrupt Cybercrime - Jen Ellis, Rapid7 - 03:00 PM-03:30 PM

Visit https://securityweekly.com/rapid7 for more information!


Announcements

  • Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
  • Join the Security Weekly Mailing List & receive your invite to our community Discord server by visiting securityweekly.com/subscribe and clicking the button to join the list!

Description

Jen Ellis focuses on cybersecurity policy for Rapid7. Working with governments, manufacturers, and operators, Jen strategizes on policies and practices that will actually disrupt cybercrime at scale. By changing the behavior of attackers through complexity and costs, these strategies can truly disrupt cybercrime. We'll discuss some of the latest strategies, including CyberBOM, Hack Back, Vulnerability Disclosure, and other Secure by Design approaches to cybersecurity.



Guest(s)

Jen Ellis

Jen Ellis is Rapid7’s Vice President of Community and Public Affairs. She believes security practitioners are the guardians of Society’s trust in technology, and works extensively with security professionals, technology providers/operators, and various Government entities to promote better collaboration. She believes this is our best path to reducing cybercrime and protecting consumers and businesses. To this end, Jen also provides free skills training to security professionals so they can get greater buy-in and achieve more positive security outcomes. She has testified before Congress and spoken at numerous security industry events.


Hosts

2. News - Leadership and Communications Articles - 03:30 PM-04:00 PM

Description

Description TBD


Hosts

Jason Albuquerque's Content:

Articles

Matt Alderman's Content:

Articles

  • CISO vs. CEO: How executives rate their security posture - According to a survey of 200 CEOs and CISOs from The Wall Street Journal Intelligence and Forcepoint, CISOs believe in the effectiveness of their digital and security maturity more than their CEOs. The report also measured leaders vs. non-leaders, with the following results:
    • Leaders in cybersecurity have more discipline for implementing strategy on a regular basis, whereas non-leaders were more likely to update their cybersecurity strategy "intermittently"
    • About two-thirds of executives are considered "non-leaders" with only 39% having their boards of directors "fully engaged" with security strategy
    • The remaining executives scored "the highest possible rating for digital maturity, cybersecurity effectiveness, and cybersecurity talent and acquisition" with 82% having their boards of directors "fully engaged" with security strategy
    • 70% of leaders are more concerned with increasing agility than reducing costs, compared to 57% of non-leaders
    • Nearly two-thirds of leaders value protecting consumer data over organizational intellectual property, compared to 56% of non-leaders
  • CISO stress – moving from recognition to action - Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental wellbeing and avoid burnout?
  • 3 Reasons Why Cybersecurity Is Not A Technical Problem - Cyber risk is getting worse, but understanding and managing it needs to get better immediately. Below are the top three reasons why cybersecurity should no longer be just viewed as a technical problem...
    1. The Technical Language Limits a Secure Understanding
    2. The Technical Dollars Don’t Ensure Financial Sensibility
    3. The Technical Reports Don’t Measure Quantitatively
  1. You listen for what's being said and for what isn't being said.
  2. You don't relate everything you hear back to yourself.
  3. You paraphrase what you're hearing to check for understanding.
  4. You get comfortable with silence.
  5. You are inclusive in who you listen to.
  1. Build analytics capabilities
  2. Consider contactless delivery options
  3. Rethink supplier strategy
  4. Focus on rapid response
  5. Use digital twins
  6. Invest in 3D printing
  7. Automate repetitive tasks
  • How CIOs can combat the IT talent shortage - Research shows organizations are still struggling to bring in IT talent. We identify the reasons why there's a shortage and what CIOs and other IT leaders can do to combat it. There are three practical steps that can nurture IT talent:
    1. Internships with promising high school and college students.
    2. Compensation and support for completing technical specializations.
    3. Invite IT to the table for critical strategic projects.

Paul Asadoorian's Content:

Articles