View More BSW Episodes

BSW #270 – Doug Landoll

In the leadership and communications section, 5 Cybersecurity Questions CFOs Should Ask CISOs, How Leaders Can Escape Their Echo Chambers, 10 Cybersecurity Compliance Statistics That Show Why You Must Up Your Cybersecurity Game, and more! Most current security risk assessments are not effective. Doug Landoll joins BSW to explain how we can fIx this. Doug will share 5 Essential Elements of an Effective Security Risk Assessment, including: Scoping, Scheduling, and Champions Team Structure Data and Measurements Calculations and Analysis Reporting, Presentation, and Tracking Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/se...

Full Show Notes
Segment One

Why Your Current Security Risk Assessment is Not Effective and How to Fix It – Doug Landoll – BSW #270

Most current security risk assessments are not effective. Doug Landoll joins BSW to explain how we can fIx this. Doug will share 5 Essential Elements of an Effective Security Risk Assessment, including:

  • Scoping, Scheduling, and Champions
  • Team Structure
  • Data and Measurements
  • Calculations and Analysis
  • Reporting, Presentation, and Tracking
Guest
CEO at Lantego

Douglas J. Landoll (CISSP, MBA, ISSA Distinguished Fellow) is a recognized leader in cybersecurity with over 34 years
experience in evaluating cybersecurity controls and system
assessments for top corporations, and government agencies.

He is the author of numerous cybersecurity publications
including, The Security Risk Assessment Handbook, Information Security Policies, Procedures, and Standards, and The Physical Security Field Guide. His cybersecurity
publications are used as textbooks in university cybersecurity programs and as reference books for cybersecurity professionals.

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Segment Two

5 Questions CFOs Should Ask, Escape Your Echo Chamber, and Up Your Cybersecurity Game – BSW #270

In the leadership and communications section, 5 Cybersecurity Questions CFOs Should Ask CISOs, How Leaders Can Escape Their Echo Chambers, 10 Cybersecurity Compliance Statistics That Show Why You Must Up Your Cybersecurity Game, and more!

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

  • We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

List of Articles

Matt Alderman

  1. 5 Cybersecurity Questions CFOs Should Ask CISOs

    Here are five questions CFOs should be asking their CISOs about the security of their companies.

    1. How secure are we as an organization?
    2. What are the main security threats or risks in our industry?
    3. How do we ensure that the cybersecurity team and the CISO are involved in business development?
    4. What are the risks and potential costs of not implementing a cyber control?
    5. Do employees understand information security and are they implementing security protocols successfully?
  2. How Leaders Can Escape Their Echo Chambers

    While leaders are broadly aware of the importance of creating a psychologically safe culture to encourage candor, they are less cognizant of how subtle leadership behaviors can get in the way of people speaking up. In this article, the author shares behaviors that leaders might not realize shut down dissenting perspectives and offers guidance about what to do instead. Taking these actions will help you step outside the bubble of agreement where many leaders unwittingly exist.

  3. Leadership Moment: Empathic Leadership

    Here are a few tips for incorporating empathy into your leadership style:

    1. Be open to new perspectives.
    2. Listen actively.
    3. Show that you care.
    4. Put yourself in their shoes.
    5. Communicate effectively.
  4. Are bad office habits getting in the way of remote work?

    Various studies have shown that employees are willing to quit over a lack of flexibility; one survey from GoodFirms published at the end of 2021 found that 70% of HR managers pointed to flexibility concerns as a reason for resignations — the most cited cause in the survey.

  5. 10 Cybersecurity Compliance Statistics That Show Why You Must Up Your Cybersecurity Game

    Let’s consider some relevant industry data (i.e., cybersecurity compliance statistics) that shows exactly what we mean by all of this.

    1. 93% of Employees Are Overly Confident About Their Cyber Preparedness
    2. 50%+ of Employees Aren’t Aware of Their Organization’s New Cybersecurity Policies
    3. 44% of Companies Require Vendors to Provide Proof of Cybersecurity as Part of Their RFPs
    4. 45% of Organizations Globally Will Experience Supply Chain Attacks by 2025
    5. GDPR Noncompliance Fines Hit Nearly $100 Million in First Half of 2022
    6. 46% of Medical Device Companies Say They’re Compliant With Cybersec Regulations & Standards
    7. 80% of Medical Device Manufacturers View Device Security as a “Necessary Evil”
    8. More Than 22 Billion Records Were Exposed on 4,145 Publicly Disclosed Breaches in 2021
    9. 23% of Organizations’ Public Cloud Security Incidents Resulted From Misconfigurations
    10. 39% of Companies Rank Compliance as One of Their Top Three Day-to-Day Headaches
  6. Culture wars: In the battle to retain tech talent, morale matters

    Companies have overlooked culture in the past. But when employees have endless options, improving culture and morale is vital.

Show More

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

Get expert insights and technical breakdowns straight to your inbox.
Join Now

Related Episodes

Related Content

You can skip this ad in 5 seconds