
Season 1
Episodes
Cyber Risk Identification
Today’s episode I will discuss a strategy to identify critical systems in your organization. The steps I will discuss today will make sure your program is objective and repeatable.The eBook mentioned in this podcast...
View Episode
Key Risk Indicators
Today’s episode we will discuss how to identify KRIs (key risk indicators). I’ll discuss a simple and effective way to do it; there seems to be a lot of confusion on what to measure and for a long time, subject matter...
View Episode
Tail Risks: What are you going to do differently?
Today’s episode, we will discuss “tail risk” and the impact it may have on organizations when it’s realized. Given our current environment, it seems entirely appropriate for us to have this meaningful discussion.
View Episode
Risk Formula: What's wrong with it?
Today’s episode we will discuss the popular risk formula, “Risk = Threat x Vulnerability x Consequence/Impact and its limitations to actually provide accurate information for a cybersecurity investment or tactical...
View Episode
Threat Reports: What's Missing
I will discuss “Threat Reports,” specifically eight 2019 reports; the 2019 data breach investigations report by Verizon; 2019 data breach investigations report (executive summary) by Verizon; 2019 annual report, state...
View Episode
Security Controls Selection
Today’s episode we will discuss a strategy to select controls to assess, this strategy can be used to select any controls for your assessment, as a framework for security control selection, this approach is standard...
View Episode
Assessments: System Selection
Today’s episode we will discuss a strategy to select an environment to assess, this strategy can be used from your first assessment to developing an assessment calendar. The steps we will discuss today will make sure...
View Episode
Cyber Risk & Cyber Governance Overall Program
In this episode, we discuss an overview of our cybersecurity risk and governance program. Here I'll discuss what we are trying to achieve in the next several podcasts. Starting from choosing an environment and...
View Episode
Program Assessments
There are six-step in a cybersecurity program assessment framework. I will discuss each step of the framework and how it will help you to achieve a comprehensive assessment. A cybersecurity program assessment is a...
View Episode