Careers, Compliance, Leadership, Application security, Cloud security, Email security, Identity and access, Managed services, Vulnerability management

Business Security Weekly #225


Segments

1. Security Money – The Index Hits Another All Time High – BSW #225

Both the Security Weekly 25 Index and the NASDAQ close at record highs on 7/23/2021. See how the security market continues to stay hot.

The current companies in the Security Weekly 25 Index:

SCWX, PANW, CHKP, SPLK, NLOK, FTNT, AKAM, FFIV, ZS, PFPT, FEYE, QLYS, VRNT, CYBR, TENB, SAIL, MIME, NET, CRWD, NTCT, VRNS, RPD, SUMO, RDWR, PING


Announcements

  • CyberRisk Alliance, in partnership with InfraGard, has launched the Critical Infrastructure Resilience Benchmark study. Measure your readiness for ransomware by completing the survey and getting your score. Visit https://securityweekly.com/CIRB to take the survey

  • In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.

Hosts

Matt Alderman
Executive Director at CyberRisk Alliance
Adrian Sanabria
Director of Product Management at Tenchi Security
Jason Albuquerque
Chief Operating Officer at Envision Technologies

2. Security Is a Barrier & Incentive, Theatrical Meetings, & Cybersecurity Salaries – BSW #225

In the Leadership and Communications section for this week: In modernization, security is a barrier and an incentive, Federal CISO DeRusha Maps FISMA Reform Priorities, Cybersecurity salaries: What 8 top security jobs pay, and more!

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Matt Alderman
Executive Director at CyberRisk Alliance
  1. Big, Theatrical Meetings Are a Waste of Time - Too often, business review meetings — in which executives and stakeholders hear project or performance updates from managers and staff — are run like theater productions. Enormous amounts of time and effort go into creating the impression that all is well and that any problems are well on their way to being overcome. But these anodyne meetings leave little chance that serious problems and gaps will be discussed and addressed. To keep initiatives on track and solving the actual problems that organizations and their customers face, leaders need to update their approach to review meetings in three ways: 1) Create their agendas to be about the future, not a review of the past; 2) Create a culture of safety around bringing up challenging ideas and problems, and 3) Rigorously review each review meeting in order to improve the next one.
  2. Two Strategies for Disconnecting From Work - Setting boundaries around work seems tougher than ever. Here’s how to do it as part of your healthy self-care: 1) Personal Devices and Work Don’t Mix; 2) Start, Mid, and End of Day Events Every Day.
  3. In modernization, security is a barrier and an incentive - Dive Brief: Three-quarters of government IT decision-makers cite migrating and managing data from legacy systems to the cloud as a challenge, but 60% think it is important to modernize IT infrastructure to improve efficiency and security, according to an IBM survey released Friday. Half of respondents cited performance issues as a barrier to cloud migration, 38% said training users on new systems slowed modernization and 26% blamed bandwidth costs as a concern. Morning Consult collected responses from more than 500 government IT decision-makers on behalf of IBM. "Jumping in without a plan, without an understanding [of] how they want to go about it, leads to failures, which leads to folks not wanting to modernize," Sanjay Sardar, Senior Vice President, Digital Transformation and IT Modernization at SAIC and a former federal CIO, told CIO Dive.
  4. Has the criticality of cyber attacks reached upper management? – CyberTalk - Niels Zimmer Poulsen discusses whether or not the criticality of cyber attacks has reached upper management. He also shares his top three CISO communication tips, and provides insights into how concerted effort from all parties can lead to much improved decision making.
  5. Federal CISO DeRusha Maps FISMA Reform Priorities - Federal Chief Information Security Officer (CISO) Chris DeRusha offered an expansive set of ideas for how Congress may undertake reform of the Federal Information Security Modernization Act (FISMA) of 2014 to bring the existing law up to speed with the fast-moving security improvement work underway throughout the Federal government following the release of President Biden’s cybersecurity executive order in May: 1) testing and validating security arrangements, rather than relying on “self-attestation” by agencies; 2) increasing security automation; 3) Federal agencies to move to cloud services.
  6. Engineers need cybersecurity training, too - Companies will undergo a shift in cyber culture, eventually combining the data engineers and network security professionals use to search for vulnerabilities.
  7. Cybersecurity salaries: What 8 top security jobs pay - IT security is of major concern to all organizations, and they're willing to pay to get top talent. Are you being paid what you are worth?
       • Information security analyst: average salary $99,101; salary range $61k - $160k
       • Information security specialist: average salary $96,586; salary range $59k - $157k
       • Security consultant: average salary $97,488; salary range $60k - $158k
       • Information security engineer: average salary $105,927; salary range $74K - $152K
       • Information security manager: average salary $131,725; salary range $88K - $196K
       • IT security architect: average salary $106,078; salary range $70K - $160K
       • Information security director: average salary $170,981; range $123K - $237K
       • CISO: average salary $188,260; salary range $105K - $264K
Adrian Sanabria
Director of Product Management at Tenchi Security
Jason Albuquerque
Chief Operating Officer at Envision Technologies