bsw209

Business Security Weekly Episode #209 – March 15, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. The Nine Cybersecurity Habits – 03:00 PM-03:30 PM

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

  • Our next live webcast will be on March 18th at 11am ET where you will learn how to Prepare Linux Hosts for Unexpected Threats! Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

Description

In 1989, Stephen Covey first published “The 7 Habits of Highly Effective People,” empowering and inspiring leaders for over 25 years. Is there an equivalent or new set of habits for CISOs? George Finney, Chief Security Officer at Southern Methodist University, joins Business Security Weekly to discuss the Nine Cybersecurity Habits.

Segment Gallery





Guest(s)

George Finney

George Finney – CSO at Southern Methodist University

@wellawaresecure

George Finney is a Chief Information Security Officer that believes that people are the key to solving our cybersecurity challenges. George is the bestselling author of several cybersecurity books, including the award-winning book, Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future. George has worked in Cybersecurity for over 20 years and has helped startups, global telecommunications firms, and nonprofits improve their security posture.

Hosts

JasonAlbuquerque

Jason Albuquerque

@Jay_Albuquerque

CIO & CSO at Carousel Industries

 MattAlderman

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance

 PaulAsadoorian

Paul Asadoorian

@securityweekly

Founder at Security Weekly

2. Importance of Culture, Engaging The Board, & 8 New Roles! – 03:30 PM-04:00 PM

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

Description

This week, in the Leadership and Communications section, The importance of culture in digital transformation, 4 ways to keep the cybersecurity conversation going after the crisis has passed, 8 new roles today’s security team needs, and more!

Hosts

JasonAlbuquerque

Jason Albuquerque

@Jay_Albuquerque

CIO & CSO at Carousel Industries
MattAlderman

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance
  1. What CEOs Need to Know About the Cloud in 2021 – If you’re a business leader daunted by cloud adoption, consider our research- and experience-informed answers to these questions:

    1. Can I really trust my data in the cloud?
    2. Do I have to get rid of my legacy infrastructure once and for all?
    3. How do I make the right cloud choices for my business?
    4. How does shifting our work to the cloud make it possible to reimagine the business?
    5. Do I have the skills I need to take advantage of the cloud?

  2. The Importance of Culture in Digital Transformation – Trying to accomplish digital transformation without the right culture could result in failure to launch. Here are five steps you need to take to get off the ground:

    1. Set the digital transformation vision
    2. Make risk-taking acceptable
    3. Hire and train for digital skills
    4. Build teams and demonstrate leadership
    5. Implement, measure and improve

  3. 4 ways to keep the cybersecurity conversation going after the crisis has passed – Executives and board members focus more on cybersecurity when there’s immediate danger. Here’s how CISOs can use a crisis like SolarWinds to translate security into business strategy:

    1. Match up with business models
    2. Benchmark against your competitors
    3. Leverage the push for legislation
    4. Build relationships

  4. Actionable Tips for Engaging the Board on Cybersecurity – Up your game with your company’s board of directors to help them understand your cybersecurity priorities with these actionable tips:

    1. Build Board Rapport
    2. Watch Your Language
    3. Show and Tell
    4. Be Ready to Pivot

  5. 3 Pragmatic Root Causes of Data Breaches – At the highest level, cybersecurity breaches are the result of one of three problems: lack or prioritization, lack of investment or poor execution of security procedures. How do you set up a CISO for success for organizations that don’t just view security as a compliance function or as a cost center? To start:

    1. Have the CISO report to the CEO
    2. Have the CISO present to the audit committee at least once per quarter.
    3. Have the CISO present to the entire board of directors at least once per year, if not more often as needed.
    4. Give the CISO their own budget, team, and decision-making authority.

  6. 8 new roles today’s security team needs – Demand for cybersecurity professionals remains sky-high. Make sure you’re hiring for the right roles. Here are the eight key roles for IT security in 2021.

    1. Identity and access management engineer
    2. Manager of third-party risk
    3. DevSecOps security engineer
    4. Threat hunter
    5. Vulnerability risk analyst
    6. Cloud security architect
    7. Incident response manager
    8. CISO
PaulAsadoorian

Paul Asadoorian

@securityweekly

Founder at Security Weekly