Player FM - Internet Radio Done Right
0-10 subscribers
Checked 1y ago
Đã thêm cách đây bốn năm
Nội dung được cung cấp bởi Security Weekly. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Security Weekly hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.
Player FM - Ứng dụng Podcast
Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
Security and Compliance Weekly (video)
Đánh dấu tất cả (chưa) nghe ...
Manage series 2794683
Nội dung được cung cấp bởi Security Weekly. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Security Weekly hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
…
continue reading
104 tập
Đánh dấu tất cả (chưa) nghe ...
Manage series 2794683
Nội dung được cung cấp bởi Security Weekly. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Security Weekly hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
…
continue reading
104 tập
Tất cả các tập
×
1 The Security Hippie, Part 2 - Barak Engel - SCW #99 29:31
29:31
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích29:31
Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to building, managing and counseling security departments across countless and diverse organizations, including MuleSoft, Amplitude Analytics, Livenation/Ticketmaster, StubHub, Barnes and Noble, bebe Stores and many others. The goal of his new book is to convey security concepts in the form of telling stories, so we hope to hear a few examples from him during the course of the interview. To leave a heartfelt message for Hannah (Jeff's granddaughter): https://www.caringbridge.org/visit/hannahman Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw99…

1 The Security Hippie, Part 1 - Barak Engel - SCW #99 39:47
39:47
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích39:47
Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to building, managing and counseling security departments across countless and diverse organizations, including MuleSoft, Amplitude Analytics, Livenation/Ticketmaster, StubHub, Barnes and Noble, bebe Stores and many others. The goal of his new book is to convey security concepts in the form of telling stories, so we hope to hear a few examples from him during the course of the interview. To leave a heartfelt message for Hannah (Jeff's granddaughter): https://www.caringbridge.org/visit/hannahman Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw99…

1 Everything You Wanted to Know About CISOs But Were Afraid to Ask, Part 2 - Ben Carr - SCW #98 41:36
41:36
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích41:36
Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw98…

1 Everything You Wanted to Know About CISOs But Were Afraid to Ask, Part 1 - Ben Carr - SCW #98 35:08
35:08
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích35:08
Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw98…

1 Hacker Situational Awareness, Part 2 - John Threat - SCW #97 50:38
50:38
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích50:38
There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to be back in the day from a hacker/penetration perspective and discuss how things are today. Are things better? Worse? Depends on your attack vector, perhaps? Join us on Discord and participate in the discussion of what’s right and what’s wrong in our industry today and what can we do about it. All from a hacker’s perspective. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw97…

1 Hacker Situational Awareness, Part 1 - John Threat - SCW #97 41:01
41:01
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích41:01
There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to be back in the day from a hacker/penetration perspective and discuss how things are today. Are things better? Worse? Depends on your attack vector, perhaps? Join us on Discord and participate in the discussion of what’s right and what’s wrong in our industry today and what can we do about it. All from a hacker’s perspective. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw97…

1 Security & Compliance Thru the Lens of a Technology Journalist, Part 2 - Evan Schuman - SCW #96 42:55
42:55
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích42:55
In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS which was reflected in its tag line, “Techniques, Tools and Tirade about Retail Technology and E-Commerce. The founder of the column, Evan Schuman, is a veteran journalist who has covered a wide range of technology, privacy and legal issues over the past three decades. Evan will give us his take on many of the issues facing the connected world -past, present, and future. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw96…

1 Security & Compliance Thru the Lens of a Technology Journalist, Part 1 - Evan Schuman - SCW #96 35:24
35:24
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích35:24
In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS which was reflected in its tag line, “Techniques, Tools and Tirade about Retail Technology and E-Commerce. The founder of the column, Evan Schuman, is a veteran journalist who has covered a wide range of technology, privacy and legal issues over the past three decades. Evan will give us his take on many of the issues facing the connected world -past, present, and future. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw96…

1 CISA Guidance for MSPs and SMBs, Part 2 - Chris Loehr - SCW #95 38:44
38:44
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích38:44
CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and data. By exploiting trust relationships in MSP networks, cyber threat actors can gain access to a large number of the victim MSP customers. The CISA Insights publication provides mitigation and hardening guidance for MSPs and their small- and mid-size business customers. By applying this guidance, organizations can protect MSP customer network assets and reduce the risk of successful cyberattacks. Our conversation today will focus on the problems that MSPs and SMBs face in achieving the right level of security for their organizations, satisfy compliance and regulatory requirements, while trying to stay in business. Segment Resources: https://www.cisa.gov/sites/default/files/publications/CISA%20Insights_Guidance-for-MSPs-and-Small-and-Mid-sized-Businesses_S508C.pdf Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw95…

1 CISA Guidance for MSPs and SMBs, Part 1 - Chris Loehr - SCW #95 35:22
35:22
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích35:22
CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and data. By exploiting trust relationships in MSP networks, cyber threat actors can gain access to a large number of the victim MSP customers. The CISA Insights publication provides mitigation and hardening guidance for MSPs and their small- and mid-size business customers. By applying this guidance, organizations can protect MSP customer network assets and reduce the risk of successful cyberattacks. Our conversation today will focus on the problems that MSPs and SMBs face in achieving the right level of security for their organizations, satisfy compliance and regulatory requirements, while trying to stay in business. Segment Resources: https://www.cisa.gov/sites/default/files/publications/CISA%20Insights_Guidance-for-MSPs-and-Small-and-Mid-sized-Businesses_S508C.pdf Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw95…

1 Governance, Risk, & Compliance...so What? - Part 2 - Allan Alford - SCW #94 27:19
27:19
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích27:19
Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to our industry being overly focused/reliant on technology and don't handle the people/process part very well. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw94…

1 Governance, Risk, & Compliance...so What? - Part 1 - Allan Alford - SCW #94 36:23
36:23
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích36:23
Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to our industry being overly focused/reliant on technology and don't handle the people/process part very well. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw94…

1 Security Industry Burnout, Part 2 - Rick McElroy - SCW #93 36:16
36:16
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích36:16
With cybersecurity skills already in short supply, the prospect of losing what little workforce there is to pull from to resignations (especially in the context of the ‘Great Resignation’), is a disturbing one. Rick McElroy will speak to the causes of security burnout and the steps organizations need to take to prevent the loss of the precious resource that is security talent. He will share supporting research findings from VMware's latest Global Incident Response Threat Report: Manipulating Reality. Segment Resources: https://www.vmware.com/resources/security/global-incident-response-threat-report-manipulating-reality.html Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw93…

1 Security Industry Burnout, Part 1 - Rick McElroy - SCW #93 36:07
36:07
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích36:07
With cybersecurity skills already in short supply, the prospect of losing what little workforce there is to pull from to resignations (especially in the context of the ‘Great Resignation’), is a disturbing one. Rick McElroy will speak to the causes of security burnout and the steps organizations need to take to prevent the loss of the precious resource that is security talent. He will share supporting research findings from VMware's latest Global Incident Response Threat Report: Manipulating Reality. Segment Resources: https://www.vmware.com/resources/security/global-incident-response-threat-report-manipulating-reality.html Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw93…

1 Mapping Across an Ocean of Security Frameworks, Part 2 - Thomas Sager, Tony Sager - SCW #92 35:03
35:03
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích35:03
Tony and Thomas will discuss the importance, value, and challenge of cross-mapping security frameworks, and the rationale and process used by CIS to create end support mapping, some real-world examples, and some real-life problems. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw92…
Chào mừng bạn đến với Player FM!
Player FM đang quét trang web để tìm các podcast chất lượng cao cho bạn thưởng thức ngay bây giờ. Đây là ứng dụng podcast tốt nhất và hoạt động trên Android, iPhone và web. Đăng ký để đồng bộ các theo dõi trên tất cả thiết bị.