Business Security Weekly Episode #261 – May 02, 2022

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Extended Security Posture Management – 03:00 PM-03:30 PM

Sponsored By

Visit https://securityweekly.com/cymulate for more information!

Announcements

  • Security Weekly listeners, save $100 on your RSA Conference 2022 Full Conference Pass! RSA Conference will be live in San Francisco June 6th-9th, 2022. Security Weekly will be there in full force, delivering real-time, live coverage and interviewing some of the event’s top speakers and sponsors. To register using our discount code, please visit https://securityweekly.com/rsac2022 and use the code 52UCYBER. We hope to see you there!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

Organizations spend a lot of money on security tools, but how do they know those investments are working?

Dave Klein, Cybersecurity Evangelist at Cymulate, joins Business Security Weekly to discuss the value of “Extended Security Posture Management”. By continuously testing their security solutions with real-time, offensive simulations, organizations can validate their security investments and answer simple questions like “Are we vulnerable?”.

This segment is sponsored by Cymulate.

Visit https://securityweekly.com/cymulate to learn more about them!

Guest(s)

Dave Klein – Director, Cybersecurity Evangelist at Cymulate

@CyberCaffeinate

Dave Klein is the Director of Cyber Evangelism for Cymulate. With more than 21 years of real-world cybersecurity experience, he works with Cymulate teams, customers and industry thought leaders to address the challenges of securing modern enterprise environments. Dave’s long career includes working on the NIST response to President Obama’s Policy Directive 21 on Critical Infrastructure Security and Resilience, leading some of the largest sales engagements for US Federal security solutions, and working with the City of New York post 9/11, helping shore up cyber defenses.

Hosts

Ben Carr

CISO at Cradlepoint

Jason Albuquerque

@Jay_Albuquerque

Chief Operating Officer at Envision Technologies

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance

2. Lessons From Breach Lawsuits, 5 Leadership Principles, & Express More Gratitude – 03:30 PM-04:00 PM

Announcements

  • Don’t miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Don’t forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Description

In the Leadership and Communications section for this week: SolarWinds breach lawsuits: 6 takeaways for CISOs, Navy Seals’ 5 Leadership Principles That Will Transform Entrepreneurs Into Influential Leaders, More Powerful People Express Less Gratitude, & more!

Hosts

Ben Carr

CISO at Cradlepoint

Jason Albuquerque

@Jay_Albuquerque

Chief Operating Officer at Envision Technologies

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance

  1. Here are what CISOs named as their 20 critical priorities for 2022 – Here’s a snapshot of the topics CISOs are focused on in 2022:

    – Threat landscape/current security events
    – Malware/ransomware readiness
    – Cloud security
    – Workforce recruitment and development
    – Zero trust

  2. SolarWinds breach lawsuits: 6 takeaways for CISOs – Civil lawsuits aim to show that SolarWinds and its CISO did not take adequate actions to prevent a breach. Here’s how security leaders can protect themselves and their organizations from similar claims:

    – Personnel need to follow policy and procedures
    – Maintain a register to track and manage risks
    – Document cybersecurity training
    – Assign mission-critical tasks according to risk
    – Have a long-term security plan, but be prepared to pivot
    – Resource cybersecurity according to risk

  3. C-suite shifts: CTOs team with CIOs to confront IT challenges – As businesses continue to adjust to an unpredictable pandemic, unreliable supply chains and the unabated presence of cyberthreats, there are hopeful signs that a more collaborative relationship between CIOs and CTOs is helping companies meet growing technology demands.

  4. Four worries bank cybersecurity experts face – Here is a look at some of the tactics of highly sophisticated threat actors, third-party threats banks face and what cybersecurity experts believe their institutions ought to do about them.

    – Hackers target market-moving information
    – Bank tech partners also present security risks
    – Banks worry about insecurity of crypto exchanges
    – Most security chiefs don’t report to the CEO

  5. Navy Seals’ 5 Leadership Principles That Will Transform Entrepreneurs Into Influential Leaders – After ten years of building my startup, I wish someone had shown me these lessons earlier:

    Lesson 1: Your Mission Comes First
    Lesson 2: It’s Always Your Fault, Sir
    Lesson 3: Complexity Is a Way to Disaster
    Lesson 4: Don’t Lead The Entire Army
    Lesson 5: The Skill You Need To Train Every Morning

  6. Research: More Powerful People Express Less Gratitude – Research shows that people with power tend to express gratitude less than those without it. In organizations, this can result in employees feeling under-appreciated and, in some cases, more likely to quit. To develop better habits around gratitude, leaders should understand the outsized impact a “thank you” can have, particularly in the era of remote work, and begin taking the perspective of others and leading by example. And if your boss doesn’t thank you enough, you can take steps to boost gratitude in your own life. Consider reaching out to old bosses and colleagues to say thank you and rekindle connections, or vocally boost the contributions of low-power employees in workplace settings.