CISO Stories Podcast (Audio)

Let's talk to cybersecurity expert, Lalisha Hurt, about her approach to selecting the right tools for your organization by using proven methods such as referencing the Gartner Magic Quadrant, thinking about the entire IT portfolio as part of your selection process, and what a successful 'Vendor Day' can do!

Visit https://cisostoriespodcast.com for all the latest episodes!

Show Notes: https://cisostoriespodcast.com/csp-197

In this episode of CSP, we sit down with Dr. Sean Murphy, the CISO of BECU, one of Seattle’s largest credit unions, to discuss the shifts in identity security brought on by the COVID-19 pandemic. Dr. Murphy highlights how Zero Trust architecture became crucial for verifying internal users, especially as remote work became the norm. He shares insights on the unique challenges of securing a remote workforce in the banking sector and underscores the importance of a robust identity security framework in protecting both members and employees in today’s evolving threat landscape. This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!

This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!

This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!

Visit https://cisostoriespodcast.com for all the latest episodes!

Show Notes: https://cisostoriespodcast.com/csp-201

In this episode, we dive into the critical role of proper configurations in cloud environments and why misconfigurations remain the leading cause of security breaches. From overly permissive access controls to unencrypted data stores and default credentials left unchanged, we explore real-world examples that adversaries exploit. Learn how organizations can mitigate these risks through proactive monitoring, automated tools, and a culture of security-first thinking. Tune in to uncover actionable insights to keep your cloud infrastructure secure.

This segment is sponsored by Fortinet Cloud Security. Visit https://cisostoriespodcast.com/fortinet to learn more about them!

Segment Resources: CoGuard CLI (Select cloud resources can be scanned with a free account): https://portal.coguard.io/auth/realms/coguard/protocol/openid-connect/auth?clientid=client-react-frontend&redirecturi=https%3A%2F%2Fportal.coguard.io%2F&state=7cd7e2ac-aa64-497d-8957-f0b8be3e2f8d&responsemode=fragment&responsetype=code&scope=openid&nonce=86649c48-03f3-44c1-9612-560d42e049d9

More info on the CoGuard CLI on Github: https://github.com/coguardio/

Open AI grant: https://openai.com/index/empowering-defenders-through-our-cybersecurity-grant-program/

Open AI research results on Github: https://github.com/coguardio/coguardopenairuleautogeneration_research

Securing Multi Cloud Environments - Tips from Nadia's co-founder/CTO - blog: https://www.coguard.io/post/securing-multi-cloud-environments

Visit https://cisostoriespodcast.com for all the latest episodes!

Show Notes: https://cisostoriespodcast.com/csp-204

CISOs need to enhance their strategic influence and operational impact within their organizations. This calls for a departure from traditional, insular security approaches towards a partnership model that aligns security initiatives with business growth and value. By adopting an attitude of listening, humility, and interdisciplinary collaboration, CISOs can transcend fear-based justifications for investment and instead, demonstrate how robust cyber security measures contribute to the overall health and success of the business. Such an evolution in the CISO role is essential for building resilient, forward-looking organizations that view security as a cornerstone of their strategic endeavors.

In the combined context of Resilience and Reputation and Trust, CISOs must orchestrate a delicate balance between robust defensive measures and the cultivation of a strong, trustworthy brand. At this juncture, resilience becomes more than just a technical safeguard; it is about ensuring the continuity and reliability that stakeholders have come to expect. This reliability directly feeds into the organization's reputation, setting the stage for trust to be the cornerstone of all engagements—internal and external. The journey from a reactive security posture to one that is proactive and business-aligned requires that CISOs embed security consciousness into the corporate DNA. As they reach these advanced stages, CISOs transform their roles from protectors to strategic enablers, guiding their organizations through the digital landscape with a clear vision for safeguarding and enhancing both operational fortitude and brand integrity. Security thus becomes an integral part of the value proposition, fostering trust and loyalty among customers, and cementing the organization's reputation as a leader in responsible business practices in the digital age.

Segment Resources:

Webcast: https://www.scmagazine.com/cybercast/the-regulatory-landscape-in-2030-what-you-need-to-know

Podcast (Enterprise Security Weekly): https://www.scmagazine.com/podcast-segment/11416-the-rise-of-regops-the-need-for-compliance-automation-travis-howerton-esw-313

News/interview: https://www.scmagazine.com/news/generative-ai-not-just-revolutionary-but-evolutionary

This segment is sponsored by RegScale. Visit https://cisostoriespodcast.com/regscale to learn more about them!

Visit https://cisostoriespodcast.com for all the latest episodes!

Show Notes: https://cisostoriespodcast.com/csp-184

Vulnerabilities are the ‘front doors’ for attackers to infiltrate our systems and a key process organizations must get right into order to protect our systems and information assets. Join us as we discuss vulnerability management, identification of assets, prioritization, threat intelligence, leveraging tools, desired vulnerability product features, business impact and vulnerability measurement timing.

Visit https://cisostoriespodcast.com for all the latest episodes!

Show Notes: https://cisostoriespodcast.com/csp-189