The Importance of OT Security: The Evolving Threat Landscape – Ken Townsend – CSP #170

April 16, 2024

Manufacturing environments rely heavily on Operational Technology (OT) systems – such as industrial control systems, supervisory control, PLCs etc. to manage production processes. Compromises of these networks and systems can have devastating consequences, including: • Production disruptions and downtime • Safety hazards: • Data breaches ...

Leadership

Tips for a Successful Cyber Resilience Program – Olusegun Opeyemi-Ajayi – CSP #169

April 9, 2024

The cybersecurity threat landscape is constantly evolving, and experience has shown that everyone and every organization is prone to being breached. How do you prepare for what seems inevitable? You assume breach and plan accordingly. Cyber resilience has become a top priority as organizations figure out how to build a network that can either conti...

OT Security

Operational Technology (OT) and the Art of War – Glenn Kapetansky – CSP #168

April 2, 2024

Operational Technology (OT) security is concerned with protecting embedded, purpose-built technologies enabling our industrial processes. You also may have heard “adjacent” buzzwords like Internet of Things (IOT) and Fog (like “cloud” but close to the ground). OT security has significant challenges in terms of cost/size/weight, capability, ability ...

Email security

Third-Party Risk Management – BEC Compromises and the Cloud – Michael Swinarski – CSP #167

March 26, 2024

Third-Party Risk Management is essential for safeguarding an organization's assets, reputation, and operations. By identifying, assessing, and managing risks associated with external partners, organizations can enhance their resilience, protect sensitive information, and maintain the trust of stakeholders in an increasingly interconnected business ...

Application security

52,000 Suppliers:Third-Party Supply Chain CyberRisk Approach – Cassie Crossley – CSP #166

March 19, 2024

Schneider Electric has over 52,000 suppliers and sells hundreds of thousands of products of which 15,000 would be classified as intelligent products. To address risks stemming from third-party suppliers, and in recognition of the risks posed to customers, we have a holistic approach to value chain security, by implementing security controls at ever...

Supply chain

Securing Connections: 3rd Party Risk Mgmt Expert Insights – Charles Spence – CSP #165

March 12, 2024

Breaches at software vendors used by many organizations have highlighted the external software supplier risk, requiring organizations to be even more diligent. Join us as we discuss the supply chain issues and their relationship to software supply chain issues and how organizations should approach environment with supplier software risk, geo-politi...

Supply chain

A Printout on Secure by Design When Utilizing 3rd Parties – Bryan Willett – CSP #164

March 5, 2024

With CISA just putting out new “secure by design” guidance, Lexmark CISO Bryan Willett pulls the curtain back on the curtain back on how Lexmark is approaching secure-by-design in its products Lexmark is at the forefront of secure by design as their products constantly touch highly confidential information in regulated industries, along with an es...

Governance, Risk and Compliance

Intelligent Generative AI Handling – Aaron Weismann – CSP #163

February 27, 2024

Generative AI security and integrity. This is important to me because it's a cool new commercially available technology that promises efficiency and time savings--and therefore everyone wants to use it without a thorough understanding of how to secure data used with it or correcting model bias introduced through improper governance. The implication...

Leadership

Responsible Use and Vetting of AI Solutions – Jon Washburn – CSP #162

February 20, 2024

Responsible use and governance of AI are key issues today, as training data limitations and data retention issues must be addressed. The risk of exposing PII or other confidential data, managing bias, hallucination, misinterpretation risks and other AI considerations are discussed. Fitzgerald, T. 2019. Chapter 4: Emerging Technologies and Trend...

Leadership

The Business Side of AI – Edward Contreras – CSP #161

February 13, 2024

Artificial Intelligence: Currently these two words can mean a world of difference to different people. How do you bring this topic to the board, to executives, or to business partners, and help them understand the risks without the FUD or technical language that so often creeps into the conversation? The goal is to engage in an action driven conver...

Data Security

Generative AI and Corporate Security – Getting it Right – Bill Franks – CSP #160

February 6, 2024

Generative AI has hit the world by storm, but unfortunately is widely misunderstood. While it brings great promise for companies, it also has risks. As employees and corporate applications begin making use of generative AI, it is important to ensure that proper safety and security mechanisms are put in place to allow value to be obtained while mini...

The Importance of OT Security: The Evolving Threat Landscape – Ken Townsend – CSP #170

Tips for a Successful Cyber Resilience Program – Olusegun Opeyemi-Ajayi – CSP #169

Operational Technology (OT) and the Art of War – Glenn Kapetansky – CSP #168

Third-Party Risk Management – BEC Compromises and the Cloud – Michael Swinarski – CSP #167

52,000 Suppliers:Third-Party Supply Chain CyberRisk Approach – Cassie Crossley – CSP #166

Securing Connections: 3rd Party Risk Mgmt Expert Insights – Charles Spence – CSP #165

A Printout on Secure by Design When Utilizing 3rd Parties – Bryan Willett – CSP #164

Intelligent Generative AI Handling – Aaron Weismann – CSP #163

Responsible Use and Vetting of AI Solutions – Jon Washburn – CSP #162

The Business Side of AI – Edward Contreras – CSP #161

Generative AI and Corporate Security – Getting it Right – Bill Franks – CSP #160

Leadership News & Analysis

Microsoft takes down websites used to create 750 million fraudulent accounts

Zebra Technology’s Mike Zachman: Be a business enabler, not a hurdle

Lenovo’s Skip Mann: Exceptional security leadership like being a human Swiss Army knife

1,000 CISOs strong: How cross-company collaboration strengthens enterprise cybersecurity

Host Todd Fitzgerald reflects on 100 episodes of the CISO Stories podcast