CISO in Crisis, but Will the SEC Regulations Make a Difference and New NIST CSF Draft – BSW #316
In the leadership and communications section: CISO in Crisis, Will SEC Cybersecurity Regulations Make a Difference?, NIST Drafts Major Update to Its Widely Used Cybersecurity Framework, and more!
Announcements
Security Weekly listeners: Now is your chance to join the infosec community as they come together at InfoSec World 2023, September 23 – 28, 2023 at Disney's Coronado Springs Resort in Lake Buena Vista, FL. Hear keynotes from Scott Shapiro, Founding Director at Yale CyberSecurity Lab, and Rachel Wilson, Managing Director and Head of Cybersecurity at Morgan Stanley.
As a Security Weekly community member, you’re able to receive 20% off your InfoSec World 2023 tickets using code ISW23-SECWEEK20! Register today: securityweekly.com/infosecworld2023

- 1. CISO in Crisis
The modern CISO faces a landscape filled with evolving threats, immense pressures, and a need to adapt continuously. The weight of these responsibilities, combined with various organizational challenges, contributes to the high turnover rate in this role.
- 2. Will SEC Cybersecurity Regulations Make a Difference?
The new SEC regulations mark a paradigm shift in cybersecurity risk governance. Their effectiveness hinges on careful execution and enforcement, balancing the need for transparency without compromising security. They present an opportunity for companies to review and enhance their cybersecurity practices. It’s a challenging journey, but with strategic planning, proactive measures and constant vigilance, companies can effectively navigate this evolving landscape.
- 3. Enterprise risk management team: Roles and responsibilities
Every facet of business operations is exposed to risks, requiring a risk management team that's composed of a diverse mix of corporate executives and managers.
- 4. NIST Drafts Major Update to Its Widely Used Cybersecurity Framework
After considering more than a year’s worth of community feedback, the National Institute of Standards and Technology (NIST) has released a draft version of the Cybersecurity Framework (CSF) 2.0, a new version of a tool it first released in 2014 to help organizations understand, reduce and communicate about cybersecurity risk. The draft update, which NIST has released for public comment, reflects changes in the cybersecurity landscape and makes it easier to put the CSF into practice — for all organizations.
- 5. Redefining Leadership: The Rise Of New Organizational Structures
The takeaway here is that leadership styles should not be one-size-fits-all. After all, the changing dynamics of leadership in the modern workplace can be likened to a shift in the global tectonic plates—slow-moving yet filled with significant implications. What was once a hierarchical model has now evolved into an intricate web of relationships and roles.
- 6. Creating a Roadmap for Your Dream Cybersecurity Career
Many of us build our cybersecurity careers based on whatever opportunities pop up or based on the first job we can find. While there is nothing wrong with this approach, it may not result in the perfect role for you. I want to spend some time reviewing how we can both approach opportunities with a long-term view and create the right opportunities for where we want to end up. I’ll start with a focus on getting into the ‘right’ cybersecurity field and then cover how to build the skills you need to advance. Finally, I’ll explain how to map out a path so that you end up in your dream job.