The Gatekeeper – BSW #195

Sponsored By

Announcements

• Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

• Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Mike Lloyd

CTO at RedSeal

Dr. Mike Lloyd has more than 25 years of experience in the modeling and control of fast-moving, complex systems. He has been granted 21 patents on security, network assessment, and dynamic network control. Before joining RedSeal, Mike Lloyd was Chief Technology Officer at RouteScience Technologies (acquired by Avaya), where he pioneered self-optimizing networks. Mike served as principal architect at Cisco on the technology used to overlay MPLS VPN services across service provider backbones. He joined Cisco through the acquisition of Netsys Technologies, where he was the senior network modeling engineer. Mike holds a degree in mathematics from Trinity College, Dublin, Ireland, and a PhD in stochastic epidemic modeling from Heriot-Watt University, Edinburgh, Scotland.

Hosts

Matt Alderman

VP, Product at Living Security

Jason Albuquerque

Chief Operating Officer at Envision Technologies

Paul Asadoorian

Founder at Security Weekly

0offset

https://securityweekly.com

Announcements

• Join Amit Bareket, Co-founder & CEO of Perimeter 81 & Paul Asadoorian for a technical deep-dive into the problems inherent in legacy VPN technology. Together they will explore solutions for the modern workforce & how momentum toward perimeter-less architecture is helping redefine the future of cybersecurity. Register Now by visiting https://securityweekly.com/perimeter81

• Tomorrow is the big day! The virtual doors open for the first-ever Security Weekly Unlocked virtual event at 10:30am and the last round table should end around 9:30pm! We have an outstanding line-up of presenters, who will be answering questions LIVE in our Discord server during their presentations! Make sure you register for this FREE event before it's too late! Visit https://securityweekly.com/unlocked to view the line-up and register!

Hosts

Matt Alderman

VP, Product at Living Security

1. 1. How to Be a Visionary Leader and Still Have a Personal Life
   The demands of an executive role can wreak havoc on the self and on personal relationships. Without thoughtful planning, leaders can experience both physical and mental-health issues as a result of their work, and their relationships with loved ones can deteriorate. Here are some tips: 1. Visualize both professional and personal outcomes. 2. Discuss your role with candor and care. 3. Build in resilience. 4. Apply a mindset of continual reinvention.
2. 2. Audit committee best practices for understanding and acting on cyber-threats
   Cyber-security risk oversight is the area with the greatest increase in audit committee disclosures in proxy statements, according to the 2020 Audit Committee Transparency Barometer issued by the Center for Audit Quality and Audit Analytics. Companies of all sizes are dealing with increasing cyber-threats and new regulations over cyber-security and data management and reporting. Here are the best practices for companies and their boards and audit committees to address cyber-security risks: 1. Set a tone from the top. 2. Talk more about cyber-security. 3. Understand cyber-risks. 4. Embrace cyber-security by design. 5. Get an independent assessment of cyber-risks. 6. Have incident response protocols.
3. 3. Cybersecurity communication key to addressing risk
   As security teams strengthen communication with the overall organization as well as with vendors, more positive cybersecurity cultures can be forged. Here re two areas of focus: 1. CISO communication and collaboration - Communicating security goals and understanding the risk tolerance of various parts of an organization is key. 2. Security teams and vendors - Building strong cybersecurity relationships and cultures based on communication, collaboration and partnerships shouldn't just be limited to within an organization. It should extend to vendors as well.
4. 4. 5 Mistakes CISOs Make in Their Board Presentations – Security Boulevard
   Here are 5 common errors in board reporting and how to avoid them. 1. Not speaking the board’s language 2. Not presenting an accurate picture of your risk 3. Not being able to quantify your security posture 4. Presenting too much information 5. Not having an operational plan
5. 5. What are CEOs focused on for next year?
   According to Gartner, CIOs can support CEOs and the business by: 1. Scaling digital efforts mainstream, without pushing experimental initiatives 2. Work with the CEO to understand whether the executive plans to restore or redesign the business, and determine where digital efforts fit in 3. Support other C-suite executives to meet CEO demands; help COOs maintain employee productivity or help CFOs maintain cash on hand.
6. 6. 5 best practices for negotiating SaaS contracts for risk and security
   Software-as-a-service providers often handle your sensitive data. Here's how to hold them to a high standard for security: 1. Create a master list of risks relevant to your organization 2. Communicate what's non-negotiable to stakeholders 3. Negotiate additional protections 4. Insist on early breach notification 5. Pay special attention to contract termination conditions

Jason Albuquerque

Chief Operating Officer at Envision Technologies

Paul Asadoorian

Founder at Security Weekly

0offset

https://securityweekly.com