
Episodes
Information Protection - Processes & Procedures
Ideally and preferably, your cybersecurity program should follow established policies, standards, and procedures. These documents will govern all organization members, including staff, vendors, volunteers, and anyone...
Protect - Data Security
The third of the six critical cybersecurity categories I presented previously is “data security.” An organization's most valuable asset is data; hackers seek data sources to steal from businesses,...
Protect - Awareness and Training
Securing and protecting your organization also takes a village to make happen, so cybersecurity awareness and training become very important; there’s so much technology can do to protect against phishing and its...
Education
The problematic educational narrative about “college” has created a false dichotomy between the two well-discussed college purposes. Some say college is about preparing a person for work – to help them get better...
Addressing the Highest Risks Podcast
As we conclude the risk assessment and governance process, the last part will deal with the organization's highest risks, not the highest vulnerability, but rather the highest risks. This...
Cybersecurity Risk Assessment
Risk assessment is not necessarily scanning your network aimlessly; what should you expect from your team? First and foremost, adopt a risk assessment framework; it will be a helpful guide...
Cybersecurity Governance
Once you have your hardware and software inventories, the next step might not be obvious. Still, before performing a risk assessment, you’ll need to establish a governance structure to report...
Cybersecurity Risk Management - Software Platforms
The NIST CSF subcategory ID.AM-2 deals with the inventory of software platforms and applications used in your organization. Most organizations will find creating an inventory of software to be a bit more challenging...
Cybersecurity Risk Management - Physical Devices
The risk management process entails four fundamental concepts, which can be further broken down; however, the fundamental concepts are: Frame risk, Assess risk, Respond to...
Questions Boards Should Ask
The challenge for directors or investors is determining the organization's overall cybersecurity maturity relative to the risk. The board of directors, in particular, has an oversight...
Cybersecurity Confidence vs Performance
Several studies conducted in other fields showed how spending effort on analysis improved confidence even when the actual performance was not improved. A study by the University...
The MOST Important Cybersecurity Principle
Asset management is most commonly associated with cybersecurity hygiene, which is associated with patching, anti-virus, access control, and other asset-specific protections. However, there are three NIST CSF...