Turning the Battleship – BSW #232
Segments
1. Accelerate 0-Trust Adoption W/ End2End Visibility & Increased Collaboration – Tom Roeh – BSW #232
It's no surprise that Zero Trust initiatives are increasing in importance in both the public and private sectors. New cybersecurity mandates and a boom in remote work due to COVID-19 are just two of the most common factors driving this demand. While the need for adopting Zero Trust is evident, the path to success is not.
In this episode, we discuss important considerations for planning, implementing, operating, and securing a Zero Trust deployment more rapidly and with lower risk. This includes the vital role end-to-end visibility and frictionless collaboration between IT ops teams play across Zero Trust rollout phases.
Segment Resources:
Learn more about implementing Zero Trust: https://www.extrahop.com/solutions/security/zero-trust/?uniqueid=CC07532818&utmsource=security-weekly&utmmedium=podcast&utmcampaign=2021-q3-zero-trust-backlink&utmcontent=webpage&utmterm=no-term&utmregion=global&utmproduct=security&utmfunnelstage=top&utm_version=no-version
This segment is sponsored by ExtraHop Networks.
Visit https://securityweekly.com/extrahop to learn more about them!
Announcements
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.
InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
Guest
Tom currently leads the Public Sector technical team at ExtraHop Networks as Director of Systems Engineering. He has spent most of his 20-year career looking at networks, protocols, and packets in one way or another. Tom has a passion for utilizing data-driven techniques to solve the complex problems faced by modern IT practitioners. When he’s not working with ExtraHop’s expansive customer base, he is deeply involved in developing and defining automated techniques for threat detection, and currently holds two patents related to passive network detection techniques. Tom was an early responder to WannaCry and wrote the award-winning Ransomware Module for ExtraHop. Tom resides in Houston, TX along with his wife and three daughters. He remains actively involved with his alma mater Texas A&M (Electrical Engineering), and can be found most weekends cheering his Aggies on to victory.
2. Boards Rethink Incident Response, CISOs & CIOs Share, & Stay True to Ethics – BSW #232
This week, in the Leadership and Communications section: Boards rethink incident response playbook as ransomware surges, How CISOs and CIOs should share cybersecurity ownership, How CISOs are Building a Modern Cybersecurity Partnership, & more!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
- 1. Boards rethink incident response playbook as ransomware surges
  Corporate boards are no longer rubber-stamping assurances from CIOs or CISOs but are bringing in outside experts, asking more questions and preparing for the risk of personal liability.
- 2. How CISOs and CIOs should share cybersecurity ownership
  CISOs and CIOs weigh in on how their cybersecurity responsibilities are evolving with changes in the business environment and threat landscape.
- 3. 5 ways Digital Transformation Officers can make cybersecurity top priority
  The Digital Transformation Officer (DTO) plays the key role in managing the strategic approach necessary to successfully undertake such transformations. Part of that success means managing cyber-risk. We recommend DTOs consider the following trends: 1. Securing digital assets 2. Cloud security 3. Developing skills to operate novel technologies securely 4. New approaches to cyber-incident management 5. Outsourcing cybersecurity tasks
- 4. How to Be a Leader Who Stays True to Their Ethics
  Honest conversations are a crucial tool in helping leaders and their organizations successfully act on their ethical ambitions. If you aspire to lead ethically and with high purpose, first turn inwards. Take the time to have an honest conversation with yourself to help figure out what matters to you, and where your ethics lie. Next, align your senior team. Third, be prepared to be derailed. Unfortunately, at some point, pressure to meet shareholder expectations will derail your aspiration to lead with a higher purpose and values. And finally, don’t wait for the whistle to blow.
- 5. How CISOs are Building a Modern Cybersecurity Partnership
  There has been an ongoing dialogue regarding the benefit of cybersecurity partnerships, with chief information security officers at the forefront of the conversations. Here are five things CISOs should focus on when it comes to securing the much-anticipated cybersecurity partnership. 1. Cybersecurity should be a boardroom agenda 2. Invest in establishing a solid cloud security architecture 3. Construct a borderless security system 4. Upgrade your enterprise security architecture 5. Invest in innovations
- 6. 8 pitfalls that undermine security program success
  Here, security leaders warn of eight easy-to-overlook pitfalls that can undermine an otherwise successful security strategy: 1. Talking about security risk, rather than business risk 2. Overemphasizing compliance 3. Failing to move fast (enough) 4. Always focusing on the urgent 5. Focusing too much on tools and technologies instead of stakeholders and their needs 6. Keeping security within the security department 7. Overlooking your own security workers 8. Falling for the new stuff
- 7. 10 Action Steps to Become a Good Friend
  Here’s how to become a better friend: 1. Redesign 2. Remember the Dates 3. Utilize The Mere-Exposure Effect 4. Make Mondays Fun 5. Ask Dopamine-Boosting Questions 6. Reach Out 7. Be Courageous 8. Say “Friend!” 9. Find Their Love Language 10. Celebrate With Them. Read more at: https://www.scienceofpeople.com/good-friend/