CISO in Crisis, but Will the SEC Regulations Make a Difference and New NIST CSF Draft – BSW #316
In the leadership and communications section, CISO in Crisis, Will SEC Cybersecurity Regulations Make a Difference?, NIST Drafts Major Update to Its Widely Used Cybersecurity Framework, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Segments
1. CISO in Crisis, but Will the SEC Regulations Make a Difference and New NIST CSF Draft – BSW #316
Announcements
Security Weekly listeners: Now is your chance to join the infosec community as they come together at InfoSec World 2023, September 23 – 28, 2023 at Disney's Coronado Springs Resort in Lake Buena Vista, FL. Hear keynotes from Scott Shapiro, Founding Director of the Yale CyberSecurity Lab, and Rachel Wilson, Managing Director and Head of Cybersecurity at Morgan Stanley.
As a Security Weekly community member, you’re able to receive 20% off your InfoSec World 2023 tickets using code ISW23-SECWEEK20! Register today: securityweekly.com/infosecworld2023
- 1. CISO in Crisis
The modern CISO faces a landscape filled with evolving threats, immense pressures, and a need to adapt continuously. The weight of these responsibilities, combined with various organizational challenges, contributes to the high turnover rate in this role.
- 2. Will SEC Cybersecurity Regulations Make a Difference?
The new SEC regulations mark a paradigm shift in cybersecurity risk governance. Their effectiveness hinges on careful execution and enforcement, balancing the need for transparency without compromising security. They present an opportunity for companies to review and enhance their cybersecurity practices. It’s a challenging journey, but with strategic planning, proactive measures and constant vigilance, companies can effectively navigate this evolving landscape.
- 3. Enterprise risk management team: Roles and responsibilities
Every facet of business operations is exposed to risks, requiring a risk management team that's composed of a diverse mix of corporate executives and managers.
- 4. NIST Drafts Major Update to Its Widely Used Cybersecurity Framework
After considering more than a year’s worth of community feedback, the National Institute of Standards and Technology (NIST) has released a draft version of the Cybersecurity Framework (CSF) 2.0, a new version of a tool it first released in 2014 to help organizations understand, reduce and communicate about cybersecurity risk. The draft update, which NIST has released for public comment, reflects changes in the cybersecurity landscape and makes it easier to put the CSF into practice — for all organizations.
- 5. Redefining Leadership: The Rise Of New Organizational Structures
The takeaway here is that leadership styles should not be one-size-fits-all. After all, the changing dynamics of leadership in the modern workplace can be likened to a shift in the global tectonic plates—slow-moving yet filled with significant implications. What was once a hierarchical model has now evolved into an intricate web of relationships and roles.
- 6. Creating a Roadmap for Your Dream Cybersecurity Career
Many of us build our cybersecurity careers based on whatever opportunities pop up or based on the first job we can find. While there is nothing wrong with this approach, it may not result in the perfect role for you. I want to spend some time reviewing how we can both approach opportunities with a long-term view and create the right opportunities for where we want to end up. I’ll start with a focus on getting into the ‘right’ cybersecurity field and then cover how to build the skills you need to advance. Finally, I’ll explain how to map out a path so that you end up in your dream job.
2. Securing your Browser & The Journey to Password[less] – Karim Toubba, Mike Fey – BSW #316
The modern web browser is the single most commonly used application by enterprises worldwide. Its power, simplicity, and usability make it an essential tool at work. And yet, the browser is not an enterprise application. It lacks the fundamental controls enterprises require to ensure proper security, visibility, and governance over critical apps and data.
As a result, we surround the browser with a massive security ecosystem in an attempt to manage the intersection between users, web applications, and the underlying data. In the process, our technology stack becomes complex, expensive, and fragile to maintain, while end users are left with a frustrating experience. All because the consumer browser was not designed with enterprise needs in mind. The question is: What if there was a browser designed exclusively for the enterprise?
Hear from Karim Toubba, CEO of LastPass, on LastPass' journey to passwordless, the importance of a passwordless world, why authentication is becoming more complex, and how to ease authentication for users at work and at home.
This segment is sponsored by Island. Visit https://securityweekly.com/islandbh to learn more about them!
This segment is sponsored by LastPass. Visit https://securityweekly.com/lastpassbh to learn more about them!
Guests

Michael Fey leads Island Technology as Co-Founder and CEO, relying on his extensive experience in cyber security, enterprise software and cloud technology. Prior to founding Island, he helped rebrand, redefine and grow D2iQ (formerly Mesosphere) as its CEO.
Previously, he served as president and COO at Symantec. Prior to joining Symantec, he served as president and COO of Blue Coat, leading product and go-to-market functions. While at Blue Coat, Fey led the company to aggressive growth, resulting in its acquisition by Symantec in 2016 for $4.65 billion. Fey has also been executive vice president and general manager for enterprise products at McAfee and chief technology officer of Intel Security, where he drove the company’s long-term strategic vision and innovation in the enterprise network, endpoint and analytics security segments by focusing on high-growth market opportunities and field execution.
Fey holds a degree in Engineering Physics and Mathematics from Embry-Riddle Aeronautical University. He is an author of Security Battleground: An Executive Field Manual, which gives guidance to executives with no formal background in security and technology.

Karim Toubba is the Chief Executive Officer of LastPass, having joined the company in 2022. A cybersecurity industry veteran with over 25 years of experience within the sector, Karim brings proven leadership and innovation to the security market with a focus on creating products that solve real-world challenges yet form the foundation for lasting change.