Description
In this episode of CISO Tradecraft, host G Mark Hardy is joined by special guest Rick Howard, Chief Security Officer, Chief Analyst and Senior Fellow at CyberWire. Rick shares his insights on first principles in cybersecurity, discussing how these form the foundations of any cybersecurity strategy. He emphasizes the importance of understanding materiality and integrating the concept of time bound risk assessment to achieve a resilient cybersecurity environment. The episode also delves into the value of Fermi estimates and Bayes algorithm for risk calculation. Amid humor and personal anecdotes, Rick and Mark also reflect on their experiences during 9/11. Rick introduces his book, 'Cybersecurity First Principles', elucidating the rationale behind its conception.
Link to the Cybersecurity First Principles Book: https://www.amazon.com/Cybersecurity-First-Principles-Strategy-Tactics/dp/B0CBVSX2H2/?&_encoding=UTF8&tag=-0-0-20&linkCode=ur2&linkId=1b3010fb678a109743f1fb564eb6d0fc&camp=1789&creative=9325
Transcripts: https://docs.google.com/document/d/1y8JPSzpmqDMd-1PZ-MWSqOuxgFTDVvre
Chapters
00:00 Introduction
02:00 Guest's Career Journey and Achievements
08:49 Discussion on Cybersecurity First Principles
15:27 Understanding Materiality in Cybersecurity
21:56 The Gap Between Security Teams and Business Leaders
22:21 The Importance of Speaking the Language of Business
23:03 The Art of the Elevator Pitch
24:04 The Impact of Cybersecurity on Business Value
25:10 The Importance of a Clear Cybersecurity Strategy
26:04 The Value of Business Fluency in Cybersecurity
27:44 The Role of Risk Calculation in Cybersecurity
29:41 The Power of Estimation in Risk Management
30:33 The Importance of Understanding Business Imperatives
41:25 The Role of Culture and Risk Appetite in Cybersecurity
45:39 The First Principle of Cybersecurity
This podcast episode of CISO Tradecraft features Shawnee Delaney, an insider threat expert, discussing insider threats in cybersecurity. Delaney, whose background includes espionage, explains how understanding human motivation and vulnerabilities is crucial for identifying and mitigating insider...
Published 11/25/24
Welcome to another enlightening episode of CISO Tradecraft! In this episode, host G. Mark Hardy dives deep into the critical topic of CISO burnout with special guest Raghav Singh, a PhD candidate from the University of Buffalo. This is an eye-opening session for anyone in the cybersecurity field,...
Published 11/18/24