Security and Compliance Weekly (audio) – Details, episodes & analysis

Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to building, managing and counseling security departments across countless and diverse organizations, including MuleSoft, Amplitude Analytics, Livenation/Ticketmaster, StubHub, Barnes and Noble, bebe Stores and many others. The goal of his new book is to convey security concepts in the form of telling stories, so we hope to hear a few examples from him during the course of the interview.

Show Notes: https://securityweekly.com/scw99

To leave a heartfelt message for Hannah (Jeff's granddaughter): https://www.caringbridge.org/visit/hannahman

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more!

Show Notes: https://securityweekly.com/scw98

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

This week we're talking all things ISO27001 with Wim Remes! We're starting with what it is, the who, what, where, when, why etc. then we'll talk about the bad and the good. Tune in for this special listener requested topic!

Show Notes: https://securityweekly.com/scw89

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Casey Ellis, Founder/Chair/CTO at Bugcrowd, to talk about Compliance and “The Crowd”! Crowdsourcing and multi-sourcing focus on risk identification and reduction, and they seem to be effective... but my auditor doesn't understand what it is yet - Will it meet the requirements of security compliance standards? Jeff and Casey will dig into the hits and misses of plugging novel assurance approaches into established markets.

Show Notes: https://securityweekly.com/scw88

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Johanna Baum, CEO, Founder at Strategic Security Solutions, to talk about Activism v. Hacktivism! "Hacktivism" is a controversial term with several meanings. The word was coined to characterize electronic direct action as working toward social change by combining programming skills with critical thinking. But just as hack can sometimes mean cyber crime, hacktivism can be used to mean activism that is malicious, destructive, and undermining the security of the Internet as a technical, economic, and political platform.

Show Notes: https://securityweekly.com/scw87

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Jim Henderson, Insider Threat Mitigation Training Course Instructor & Consultant at Insider Threat Defense Group, Inc., to discuss Insider Threats Overview - Going Beyond The Norm!

Show Notes: https://securityweekly.com/scw86

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Christopher Bulin, Founder & CEO at Proven PCI, to talk about The Truth Behind the Payments! SMB needs to understand the importance of being PCI compliant and that just because the verbiage on a website says the vendor is compliant, doesn't make the merchant compliant. Just because it says it from a service provider standpoint, asking for a copy of their AOC is critical. If your merchant service provider is guiding you through the SAQ, or telling you to just check yes or no, they are coercing you into falsifying documents which is a breach of your agreement.

Show Notes: https://securityweekly.com/scw85

Segment Resources: https://www.linkedin.com/pulse/what-matters-moreyour-vendor-relationship-your-client-bulin/?published=t

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Tim Callahan, SVP, Global CISO at Aflac, to talk about From Compliance to Resiliency: The Evolution of InfoSec! Because only maintaining compliance is not enough to protect your business from the ever-evolving threat landscape, in this session, we will consider the intersection and codependence of compliance with security, maturity, defensibility and resiliency. An effective and maturing program must also align to a Control Framework so that you can measure its effectiveness and ensure appropriate decisions are made that enable business requirements and protect the security, integrity, and availability of information and technology. All of this must happen through the lens of defensibility which is an essential consideration when making risk decisions. And finally, we will look at what makes a business cyber-resilient. The cyber-strong resilient company has the ability to quickly adapt to disruptions while maintaining continuous business operations, and safeguarding people, assets, and overall brand equity.

Show Notes: https://securityweekly.com/scw84

To find out more and register with your Security Weekly discount code, visit: https://securityweekly.com/isw2021

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Naomi Buckwalter, Founder & Executive Director at Cybersecurity Gatebreakers Foundation, to discuss Gatekeeping in Cybersecurity! The “cybersecurity skills gap” is a myth. There is no skills gap. There are tens of thousands of amazing, highly intelligent, passionate people around the world looking to break into cybersecurity, but they never get the chance. Hiring managers and gatekeepers are simply unwilling to train and mentor the next generation of cybersecurity professionals, and this hurts our profession immensely. We’re fighting an asymmetric war, in which one bad actor can attack multiple companies and industries. We simply don’t have enough defenders and good guys in the trenches, and we need more fighters. The more fighters we have, the better chance we have at winning.

Show Notes: https://securityweekly.com/scw83

Segment Resources: https://cybersecuritygatebreakers.org

Visit https://www.securityweekly.com/scw for all the latest episodes! 

Follow us on Twitter: https://twitter.com/securityweekly

Follow us on Facebook: https://facebook.com/secweekly

This week, we welcome Matthew Erickson, Vice President of Solutions at SpiderOak Mission Systems, to discuss Protecting Comm. & Collaboration in Contested Environments! Protecting digital communication and collaboration is critical to both our military and private sector industries in driving mission success. Our ability to secure the local and remote systems we rely on to share and operationalize sensitive and confidential information to and from even the most remote location is vital to national security and our economy. Unfortunately, our adversaries know this and are dedicated to infiltrating, exfiltrating, and disrupting this flow of information.

Show Notes: https://securityweekly.com/scw82

Visit https://securityweekly.com/spideroak to learn more about them!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://twitter.com/securityweekly

Follow us on Facebook: https://facebook.com/secweekly