Cybersecurity Risk

Hosted by: Dr. Bill Souza

Cyber risk is a complex topic and part of a larger picture in your organization. Cyber risk is a strategic necessity for any organization to increase cyber resilience. In this podcast, we will have an open...

Episodes

Information Protection - Processes & Procedures

Episode #51

Ideally and preferably, your cybersecurity program should follow established policies, standards, and procedures. These documents will govern all organization members, including staff, vendors, volunteers, and anyone...

Protect - Data Security

Episode #50

The third of the six critical cybersecurity categories I presented previously is “data security.” An organization's most valuable asset is data; hackers seek data sources to steal from businesses,...

Protect - Awareness and Training

Episode #49

Securing and protecting your organization also takes a village to make happen, so cybersecurity awareness and training become very important; there’s so much technology can do to protect against phishing and its...

Education

Episode #48

The problem educational narrative about “college” has created a false dichotomy between the two well-discussed college purposes. Some say college is about preparing a person for work – to help them get better...

Addressing the Highest Risks Podcast

Episode #47

As we conclude the risk assessment and governance process, the last part will deal with the organization's highest risks, not the highest vulnerability, but rather the highest risks. This...

Cybersecurity Risk Assessment

Episode #46

Risk assessment is not necessarily scanning your network aimlessly; what should you expect from your team? First and foremost, adopt a risk assessment framework; it will be a helpful guide...

Cybersecurity Governance

Episode #45

Once you have your hardware and software inventories, the next step might not be obvious. Still, before performing a risk assessment, you’ll need to establish a governance structure to report...

Cybersecurity Risk Management - Software Platforms

Episode #44

The NIST CSF subcategory ID.AM-2 deals with the inventory of software platforms and applications used in your organization. Most organizations will find creating an inventory of software to be a bit more challenging...

Cybersecurity Risk Management - Physical Devices

Episode #43

The risk management process entails four fundamental concepts, which can be further broken down; however, the fundamental concepts are: Frame risk, Assess risk, Respond to...

Questions Boards Should Ask

Episode #42

The challenge for directors or investors is determining the organization's overall cybersecurity maturity relative to the risk. The board of directors, in particular, has an oversight...

Cybersecurity Confidence vs Performance

Episode #41

Several studies conducted in other fields showed how spending effort on analysis improved confidence even when the actual performance was not improved. A study by the University...

The MOST Important Cybersecurity Principle

Episode #40

Asset management is most commonly associated with cybersecurity hygiene, which is associated with patching, anti-virus, access control, and other asset-specific protections. However, there are three NIST CSF...