Business Security Weekly Episode #190 – October 05, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Transformational CISO, Metrics, & 5 Simple Ways to Make Better Decisions – 03:00 PM-03:30 PM

Announcements

• Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

• It’s official! Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. The inaugural edition of Security Weekly Unlocked also celebrates Security Weekly’s 15th Anniversary. Registration and call for speakers is now open. Visit securityweekly.com/unlocked to submit your speaking session and register for free!

Description

In the Leadership and Communications section, What it takes to be a transformational CISO, Put Your Metrics Where Your Mouth Is, 5 Simple Ways to Make Better Decisions, and more!

Hosts

Information Security Forum Research Demonstrates Importance of the Next Generation CISO – There are many other factors in the make-up of the next-generation CISO, however, they stand out as key differentiators of forward-looking professionals. The six differentiating characteristics include: • Balancing Opportunity with Risk • Demonstrating Leadership • Managing Incidents and Crises • Finding Their Own Voice • Dealing with Regulatory Volume • Handling Technology What it takes to be a transformational CISO – What exactly, though, does a transformational CISO possess that sets him or her apart? That allows him or her to “love” the hard work of overhauling and rebuilding? There are a number of traits and characteristics that define such a leader: 1. A transformational CISO is energized by change and disruption, and they’re energetic in general. 2. They’re comfortable operating in chaos. 3. They’re dynamic and adaptable. 4. They’re outspoken and persuasive, they tend to be more extraverted, and they’re able to build consensus. 5. They have to be able to do a bit of sales, and they have to be able to fit security into the rest of the company’s journey. Put Your Metrics Where Your Mouth Is – You’ve no doubt heard the saying “what gets measured gets managed.” And it’s true. Why? Because what gets measured, gets noticed. CEOs and other executives respond to what boards and shareholders notice. 5 Simple Ways to Make Better Decisions – Here are five strategies that will help you to make better, faster decisions: 1. Fewer options = better decisions. 2. Earlier is better. 3. Fewer people make better decisions than big groups. 4. Sleep on it. 5. Toss the coin. CIOs say security must adapt to permanent work-from-home – Both private- and public-sector CIOs see many more employees permanently working remotely, and say security needs to adapt to new threats and how they communicate. To Succeed in a Negotiation, Help Your Counterpart Save Face – To understand the critical nature of face to negotiation success, consider these three cases: 1. Afghanistan – Freeing Hostages 2. Calgary – A Crisis Negotiation 3. Brazil and France – A Business Tug-of-War Department of Treasury releases advisory on potential sanctions risks for facilitating ransomware payments – The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) is issuing an advisory to alert companies that engage with victims of ransomware attacks of the potential sanctions risks for facilitating ransomware payments. This advisory highlights OFAC’s designations of malicious cyber actors and those who facilitate ransomware transactions under its cyber-related sanctions program. URL to the advisory: https://home.treasury.gov/system/files/126/ofac_ransomware_advisory_10012020_1.pdf

2. The Power of True Peer-to-Peer Collaboration – 03:30 PM-04:00 PM

Announcements

• Would you like to have all of your favorite Security Weekly content at your fingertips? Do you want to hear from Sam & Andrea when we have upcoming webcasts & technical trainings? Have a question for one of our illustrious hosts, someone from the Security Weekly team, or wish you could “hang” out with the Security Weekly crew & community? Subscribe on your favorite podcast catcher, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

• In our October 22nd technical training, we will provide a first look at a new, free resource that delivers thousands of remedies as a service to bridge the gap between vulnerabilities found, and vulnerabilities fixed! On October 28th, learn how to build an integrated security platform in our webcast at 3pm ET! Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

Parham Eftekhari provides an overview of the Cybersecurity Collaborative and why the nation’s top CISOs are rediscovering the power of true peer-to-peer collaboration.

Guest(s)

Hosts