CSP #2 | SC Media
Cybersecurity Asset Management, Intrusion detection, Attack surface mgmt, ICS security

CSP #2

February 9, 2021


The Cybersecurity Coalition’s Ari Schwartz brings us up to date on some of the organization’s initiatives and then dives into some of the challenges SLED defenders are facing in trying to do more with less…

This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!

Visit https://securityweekly.com/category-shows/the-ciso-stories-podcast for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/cyberleaders
Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Full Episode Show Notes

Guests

Ari Schwartz

Ari Schwartz – Managing Director for Cybersecurity at Venable

A leading voice in national cybersecurity policy, Ari guides the establishment of cybersecurity consulting services for Venable and directs Venable’s Cybersecurity Risk Management Group. Ari assists organizations with understanding and developing risk management strategies, including implementation of the Cybersecurity Framework and other planning tools to help minimize risk. Ari also coordinates the Coalition for Cybersecurity Policy and Law, a group of leading cybersecurity companies dedicated to educating policymakers on cybersecurity issues and promoting a vibrant marketplace for cybersecurity technology solutions. Prior to joining Venable, Ari was a member of the White House National Security Council, where he served as special assistant to the president and senior director for cybersecurity. Ari also served in the Department of Commerce, where he advised the secretary on technology policy matters related to the National Institute of Standards and Technology (NIST), the National Telecommunications and Information Administration (NTIA), and the U.S. Patent and Trademark Office (USPTO).

Hosts

Sam Curry

Sam Curry – Chief Security Officer at Cybereason

@samjcurry

Sam Curry is CSO at Cybereason and is a Visiting Fellow at the National Security Institute. Previously, Sam was CTO and CISO for Arbor Networks (NetScout) and was CSO and SVP R&D at MicroStrategy in addition to holding senior security roles at McAfee and CA. He spent 7 years at RSA, the Security Division of EMC as Chief Technologist and SVP of Product. Sam also has over 20 patents in security from his time as a security architect, has been a leader in two successful startups and is a board member of the Cybersecurity Coalition, of SSH Communications and of Sequitur Labs.

 

Sponsored By


Visit https://www.cybereason.com/cisostories for more information!

Ira Winkler, CISO at Skyline Technology Solutions, recounts his amazing journey from wannabe astronaut to NSA intelligence analyst, social engineer, systems hacker and author, and some of the crazy things that happened along the way. Ira is considered one of the world’s most influential security professionals and has been named a “Modern Day James Bond” – a title he earned by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the world, investigated cybercrimes against them, and then told them how to cost-effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost-effective security programs and increasing security awareness.

This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!

Full Episode Show Notes

So You Want to be a Cyber Spy?

Guests

Ira Winkler

Ira Winkler – Author at

@irawinkler

Ira Winkler, CISSP, is CISO for Skyline Technology Systems and author of You Can Stop Stupid. He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media. He did this by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the world, investigating crimes against them, and telling them how to cost-effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost-effective security programs. Ira also won the Hall of Fame award from the Information Systems Security Association, as well as several other prestigious industry awards. CSO Magazine named Ira a CSO Compass Award winner as The Awareness Crusader.

Hosts

Sam Curry

Sam Curry – Chief Security Officer at Cybereason

@samjcurry


As threats to the nation’s security grow, there remains a substantial and increasing shortage of skilled cybersecurity professionals. The federal government and private sector can work together to fill their open positions and attract the next generation of motivated, mission-driven cybersecurity leaders. This podcast discusses the Cybersecurity Talent Initiative, a federal/private partnership which provides up to $75,000 in student loan assistance for individuals hired by private sector companies after developing skills through a two-year program in the federal government.

https://securityweekly.com/wp-content/uploads/2021/06/CTI_Spring-2021-Onepager_corporate.pdf

https://securityweekly.com/wp-content/uploads/2021/06/nice_framework062017.pdf

This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!
Full Episode Show Notes

Fixing the Talent Shortage: CyberSecurity Talent Initiative

Guests

Alexander Niejelow

Alexander Niejelow – Senior Vice President, Cybersecurity Coordination and Advocacy at Mastercard

Alexander Niejelow is senior vice president for cybersecurity coordination and advocacy. In this capacity, Mr. Niejelow is responsible for coordinating cybersecurity matters across Mastercard’s business units and departments, as well as the company’s global safety and security advocacy efforts.

Mr. Niejelow previously served as senior vice president of public policy and data protection since joining Mastercard in February 2016. In this role, Mr. Niejelow was responsible for policy efforts in the areas of cybersecurity and global data management, while also leading the company’s industry partnerships on technology policy issues.

Prior to joining Mastercard, Mr. Niejelow was director of cybersecurity policy on the National Security Council at the White House, where he focused on efforts to advance the Administration’s cybersecurity, technology, and trade policy priorities. He also served as chief of staff to the U.S. Intellectual Property Enforcement Coordinator, where he helped coordinate the U.S. Government’s intellectual property policy and enforcement strategies beginning in 2012.

Before joining the White House, Mr. Niejelow was counselor and senior advisor to the Commissioner of U.S. Customs and Border Protection at the Department of Homeland Security from 2010 to 2012. In this role, Mr. Niejelow advised the Commissioner and Deputy Commissioner on matters of international trade policy and operations and worked extensively on agency initiatives aimed at trade facilitation, U.S. economic competitiveness and global supply chain security.

From 2008 until joining the Department of Homeland Security, Mr. Niejelow worked in the litigation department of Paul, Weiss, Rifkind, Wharton & Garrison.

Mr. Niejelow holds a Doctor of Jurisprudence degree from the University of Pennsylvania Law School and a Bachelor of Arts in political science from Duke University.

Hosts

Todd Fitzgerald

Todd Fitzgerald – Vice President, Cybersecurity Strategy at Cybersecurity Collaborative

@securityfitz

Todd Fitzgerald has built Fortune 500/large company information security programs for 20 years. Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.


Communication in any organization can be a challenge, especially when working with different levels of government and the various funding mechanisms. Join this podcast to learn how one State CISO navigated the rough waters by focusing on relationships and increased security spending and knowledge of security activities across government levels.

To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Mark_Weatherford_Article.pdf

Weatherford, M. 2019. Relationships Matter. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 473. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald.

This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!

Full Episode Show Notes

Want to Elevate CyberSecurity? Relationships Matter!

Guests

Mark Weatherford

Mark Weatherford – CISO at AlertEnterprise

@marktw

Mark Weatherford is the Chief Information Security Officer at AlertEnterprise, the Chief Strategy Officer (and a Board member) at the National Cybersecurity Center, and the Founding Partner at Aspen Chartered Consulting, where he provides cybersecurity consulting and advisory services to public and private sector organizations around the world.

Mark has held a variety of executive-level cybersecurity roles including Global Information Security Strategist at Booking Holdings, Chief Cybersecurity Strategist at vArmour, a Principal at The Chertoff Group, Chief Security Officer at the North American Electric Reliability Corporation, and Chief Information Security Officer for the state of Colorado. In 2008 he was appointed by Governor Arnold Schwarzenegger to serve as California’s first Chief Information Security Officer and in 2011 he was appointed by the Obama Administration as the Deputy Under Secretary for Cybersecurity at the U.S. Department of Homeland Security.

Mark is a former naval officer who served as a cryptologist, was Director of Navy Computer Network Defense Operations and Director of the Navy Computer Incident Response Team (NAVCIRT), and established the Navy’s first operational red team.

He is an investor and on the Advisory Board of several cybersecurity technology companies where he has a very successful track record in helping startups through the M&A process to acquisition.

Hosts

Todd Fitzgerald

Todd Fitzgerald – Vice President, Cybersecurity Strategy at Cybersecurity Collaborative

@securityfitz


The CISO is often in a position where vulnerabilities are known and implementing a product may result in an insecure product. Should the CISO say ‘no, we can’t do that’, or ‘figure out how to make it happen’? Join this podcast to learn how a CISO faced this dilemma when the business asked him to implement a technology for which he had stacks of whitepapers indicating it was insecure.

To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Dan_Lohrmann_Article.pdf

Lohrmann, D. 2019. CISOs Need to be Enablers of Business Innovation-Here Is How. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 106. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald.

This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!

Full Episode Show Notes

CISO Business Enablement: Getting to ‘Yes’ as a CISO

Guests

Dan Lohrmann

Dan Lohrmann – Chief Security Officer & Chief Strategist at Security Mentor, Inc.

@govcso

Dan Lohrmann is an internationally recognized cybersecurity leader, technologist and author. Starting his career at NSA, Lohrmann has served global organizations in the public and private sectors in many leadership capacities. As a top Michigan Government technology executive for seventeen years, Dan was national CSO of the Year, Public Official of the Year and a Computerworld Premier 100 IT Leader. He is currently CSO & Chief Strategist at Security Mentor, where he advises global and local corporations and governments on cybersecurity and technology infrastructure strategies and security culture change. He has been a keynote speaker at security conferences from South Africa to Europe and Washington D.C. to Moscow.

Dan’s award-winning blog: http://www.govtech.com/blogs/lohrmann-on-cybersecurity/
CSO Magazine articles: http://www.csoonline.com/author/dan-lohrmann

Hosts

Todd Fitzgerald

Todd Fitzgerald – Vice President, Cybersecurity Strategy at Cybersecurity Collaborative

@securityfitz


Phil Attfield, CEO and founder at Sequitur Labs, discusses his engineering roots and the curious nature that led him to develop software tools and in-house products for modeling, synthesis and verification of telecom and network equipment hardware at Nortel. Phil discusses the challenges involved in the development of large-scale security policy and management frameworks and the key security elements of the IoT device lifecycle from design, to build, to sustaining securely.

This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!

Full Episode Show Notes

CISOs: Always be a Student, Always be Learning

Guests

Phil Attfield

Phil Attfield – CEO at Sequitur Labs, Inc

Phil Attfield brings a strong background in computing, networking, security and systems modeling. He has more than 20 years of industry experience in large enterprises and small entrepreneurial firms.

Starting his career at Nortel, Phil was a member of its scientific staff and developed software tools and in-house products for modeling, synthesis and verification of telecom and network equipment hardware.

Later, Phil founded Signal 9 Solutions, a firm that pioneered PC/desktop firewalls and created the Conseal brand of security products. Phil served as CEO until the company was acquired by McAfee® during the rapid broadband expansion phase of the Internet. Phil then joined the Phantom Works/R&D division of The Boeing Company where he led the team responsible for the development of a large-scale security policy and management framework.

Hosts

Sam Curry

Sam Curry – Chief Security Officer at Cybereason

@samjcurry
