Business Security Weekly

In the leadership and communications section, Cybersecurity’s Too Important To Have A Dysfunctional Team, In a Crisis, Great Leaders Prioritize Listening, White House Announces Stricter Cybersecurity Guidelines and Rules, and more!

Paul will discuss a risk-based approach to security that prioritizes fixing the most critical issues that will reduce risk in your organization. He'll walk through a three-step cycle that continuously monitors the threat landscape, enables quick response, and measures the metrics that company leadership cares about.

Segment Resources:

https://blog.qualys.com/qualys-insights/2022/05/31/transitioning-to-a-risk-based-approach-to-cybersecurity

https://blog.qualys.com/qualys-insights/2022/07/26/aflac-completes-successful-poc-of-qualys-vmdr-2-0-with-trurisk

www.qualys.com/vmdr

This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

While applications and APIs are developed with cloud in mind, many organizations must rely on a hybrid architecture and edge computing to deliver their services given the high cost of cloud services. However, many organizations lack the right security stack to protect data and applications in these unique environments, or from threats added through reliance on open source code. With today’s attacks coming from automated threats, organizations need to implement tools to mitigate risks that impact the bottom line, brand reputation, and customer experience without slowing development lifecycles. This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

In this segment, BARR Advisory founder and president Brad Thies will use real-world examples to discuss how cybersecurity scorecards and KPIs can help organizations measure and manage the effectiveness of their cybersecurity programs. Thies will also reveal which metrics he sees as most valuable in evaluating cybersecurity posture and discuss how to define accountability for security within an organization. This segment is sponsored by BARR Advisory. Visit https://securityweekly.com/barradvisory to learn more about them!

In the leadership and communications section, 7 Uniquely Personal Bits of Wisdom To Improve Your Leadership, 4 key areas cybersecurity leaders should focus on, Cybersecurity spending strategies in uncertain economic times, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

In the leadership and communications section, CISO salaries balloon, likely spurred by demand, 4 Steps to Being an Authentic Leader, Keeping Your Team Motivated When the Company Is Struggling, and more!

In order to run a successful SOC, security leaders rely on tools with different strengths to create layers of defense. This has led to a highly siloed industry with over 2,000 vendors, each with their own specific function and who very seldom work together. To gain an advantage on attackers, we need to start seeing cybersecurity as a team sport––united for a shared mission.

In this session, ExtraHop’s Chase Snyder discusses why and how vendors should work together to enable better integrated security for their customers. He’ll answer questions like “what is XDR?” and “how do I get my vendors to work together?”.

This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

In 1995, Craig Newmark started curating a list of San Francisco arts and technology events, which he personally emailed to friends and colleagues. People were soon calling it “Craig’s List.” Most know the rest of the story. But what did that rapid entry into tech entrepreneurship teach him about information security? And how did that lead to a passion for, among other things, cyber philanthropy? SC Media's Jill Aitoro will speak to Newmark about his career, and his own evolution in infosec awareness that came with it.

Among the more challenging phases for a cyber business is transitioning from inspiring startup to successful enterprise, strategically leveraging investment to scale. SC Media's Jill Aitoro will sit down with Dave Dewalt, founder of NightDragon, and Matt Carroll, CEO of NightDragon's newest investment Immuta.

Employees are on the move. As tech and security leaders adjust to managing hybrid teams, they should also plan for the loss and replacement of key security talent. Attrition and the increasing length of time needed to find a replacement leaves security programs — and firms — vulnerable. Implementing a formal succession planning process for the security organization mitigates risk and increases employee satisfaction and retention. This report provides steps for starting a succession planning program and real-world examples of companies that are already focused on developing and retaining the next generation of security talent.

Segment Resources:

https://www.forrester.com/report/succession-planning-is-a-business-resilience-imperative/RES177689?ref_search=604835_1658240598764

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

In the leadership and communications section, The Number 1 Growth Killer is Leadership Debt, How to Talk to Your Board & C-Suite About Cybersecurity, 5 ways to unite security and compliance, and more!

Zero Trust is the security buzzword of the moment, and while it is a very powerful approach, nearly every enterprise security product on the market – and some that aren’t even security products — are saying they enable Zero Trust. The problem is this: you can’t buy zero trust. It’s an approach, an architecture, and a journey, not software, hardware, or a service to deploy.

Zero Trust also provides a rare opportunity in security - to reduce cost, improve security AND enhance end-user and customer experience.

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Neal Bridges, CISO at Query.AI and well-known cybersecurity influencer, breaks down the key differences between the CISO role at a startup vs. an enterprise. He also provides best practices to be successful in this changing role.

In the leadership and communications section,CISOs: Embrace a common business language to report on cybersecurity, The Strategic Impact of Verizon's 2022 Data Breach Investigations Report, Make Shy Employees Part of Your Cybersecurity Strategy, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

In the leadership and communications section, How CISOs can prepare for new and unpredictable cyberthreats, 8 Leadership and Management Principles from Ex-Navy Seal, Practice Transparent Leadership, and more!

IIoT infrastructure protection requires immediate attention.

Barracuda just released key findings from a report titled "The state of industrial security in 2022," that covers the following:

• The network breaches, ransomware attacks, and other security incidents businesses are facing

• The current challenges related to infrastructure protection, remote access security, and digital transformation

• The solutions and strategies decision makers are using to close security loopholes and boost the protection of IIoT infrastructure

Segment Resources Coming Soon This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

In the Leadership and Communications segment: How to build a cyber capable board, Who Is Legally Responsible for a Cyber Incident?, Building a security culture of 'Yes', and more!

This edition of Security money is a 2 quarter update for both Q1 2022 and Q2 2022. That's what happens when you have a lot of interest and interviews. Although the SW25 Index is down, it's still outperforming the Nasdaq!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly