- 1 Business Security Weekly Episode #175 - June 01, 2020
- 2 1. Interview - How to Truly Disrupt Cybercrime - 03:00 PM-03:30 PM
- 3 2. News - CISO vs. CEO, Security is Not a Technical Problem, How to be a Great Listener - 03:30 PM-04:00 PM
Business Security Weekly Episode #175 - June 01, 2020
Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe
1. Interview - How to Truly Disrupt Cybercrime - 03:00 PM-03:30 PM
- Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
- Join the Security Weekly Mailing List & receive your invite to our community Discord server by visiting securityweekly.com/subscribe and clicking the button to join the list!
Jen Ellis focuses on cybersecurity policy for Rapid7. Working with governments, manufacturers, and operators, Jen strategizes on policies and practices that will actually disrupt cybercrime at scale. By changing the behavior of attackers through complexity and costs, these strategies can truly disrupt cybercrime. We'll discuss some of the latest strategies, including CyberBOM, Hack Back, Vulnerability Disclosure, and other Secure by Design approaches to cybersecurity.
Jen Ellis is Rapid7’s Vice President of Community and Public Affairs. She believes security practitioners are the guardians of Society’s trust in technology, and works extensively with security professionals, technology providers/operators, and various Government entities to promote better collaboration. She believes this is our best path to reducing cybercrime and protecting consumers and businesses. To this end, Jen also provides free skills training to security professionals so they can get greater buy-in and achieve more positive security outcomes. She has testified before Congress and spoken at numerous security industry events.
Jason Albuquerque - CIO & CSO at Carousel Industries Matt Alderman - CEO at Security Weekly Paul Asadoorian - Founder & CTO at Security Weekly
2. News - CISO vs. CEO, Security is Not a Technical Problem, How to be a Great Listener - 03:30 PM-04:00 PM
- Layer 8 is Going Virtual! The conference will still be held on Saturday June 6th. Security Weekly listeners save $20 on their ticket by visiting layer8conference.com and using the promo code "SecurityWeekly" before selecting your ticket type! Please consider supporting Layer8 or one of their partner organizations when purchasing your ticket! Some of the Security Weekly team will be in our own channel on the Layer8 Discord server answering questions and possibly doing some contests!
- Learn how hidden vulnerabilities lead to application compromise in our next webcast with Snyk! Our second June webcast will be with Google Cloud teaching you how to prevent account takeover attacks! Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!
In the leadership and communications section, CISO vs. CEO: How executives rate their security posture, 3 Reasons Why Cybersecurity Is Not A Technical Problem, How to Be a Great Listener in Remote Meetings and more!
Jason Albuquerque's Content:
Matt Alderman's Content:
- CISO vs. CEO: How executives rate their security posture - According to a survey of 200 CEOs and CISOs from The Wall Street Journal Intelligence and Forcepoint, CISOs believe in the effectiveness of their digital and security maturity more than their CEOs. The report also measured leaders vs. non-leaders, with the following results:
- Leaders in cybersecurity have more discipline for implementing strategy on a regular basis, whereas non-leaders were more likely to update their cybersecurity strategy "intermittently"
- About two-thirds of executives are considered "non-leaders" with only 39% having their boards of directors "fully engaged" with security strategy
- The remaining executives scored "the highest possible rating for digital maturity, cybersecurity effectiveness, and cybersecurity talent and acquisition" with 82% having their boards of directors "fully engaged" with security strategy
- 70% of leaders are more concerned with increasing agility than reducing costs, compared to 57% of non-leaders
- Nearly two-thirds of leaders value protecting consumer data over organizational intellectual property, compared to 56% of non-leaders
- CISO stress – moving from recognition to action - Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental wellbeing and avoid burnout?
- 3 Reasons Why Cybersecurity Is Not A Technical Problem - Cyber risk is getting worse, but understanding and managing it needs to get better immediately. Below are the top three reasons why cybersecurity should no longer be just viewed as a technical problem...
- The Technical Language Limits a Secure Understanding
- The Technical Dollars Don’t Ensure Financial Sensibility
- The Technical Reports Don’t Measure Quantitatively
- How to Be a Great Listener in Remote Meetings - Here are five ways to be a better listener in remote meetings:
- You listen for what's being said and for what isn't being said.
- You don't relate everything you hear back to yourself.
- You paraphrase what you're hearing to check for understanding.
- You get comfortable with silence.
- You are inclusive in who you listen to.
- 7 techniques to build supply chain resilience - In the wake of the COVID-19 pandemic, business and supply chain leaders have realized how important supply chain resiliency is. Here are seven ways to boost it...
- Build analytics capabilities
- Consider contactless delivery options
- Rethink supplier strategy
- Focus on rapid response
- Use digital twins
- Invest in 3D printing
- Automate repetitive tasks
- How CIOs can combat the IT talent shortage - Research shows organizations are still struggling to bring in IT talent. We identify the reasons why there's a shortage and what CIOs and other IT leaders can do to combat it. There are three practical steps that can nurture IT talent:
- Internships with promising high school and college students.
- Compensation and support for completing technical specializations.
- Invite IT to the table for critical strategic projects.