Cybersecurity Risk-logo

Cybersecurity Risk

Technology Podcasts

Cyber risk is a complex topic and part of a larger picture in your organization. Cyber risk is a strategic necessity for any organization to increase cyber resilience. In this podcast, we will have an open conversation on governance, risk, and compliance to move your organization from as-is to the next level. Here we will have discussions on program assessments, control assessments, risk identification, risk register, mitigation plans, and much more.

Cyber risk is a complex topic and part of a larger picture in your organization. Cyber risk is a strategic necessity for any organization to increase cyber resilience. In this podcast, we will have an open conversation on governance, risk, and compliance to move your organization from as-is to the next level. Here we will have discussions on program assessments, control assessments, risk identification, risk register, mitigation plans, and much more.

Location:

United States

Description:

Cyber risk is a complex topic and part of a larger picture in your organization. Cyber risk is a strategic necessity for any organization to increase cyber resilience. In this podcast, we will have an open conversation on governance, risk, and compliance to move your organization from as-is to the next level. Here we will have discussions on program assessments, control assessments, risk identification, risk register, mitigation plans, and much more.

Language:

English


Episodes

Tackling Risk Probability and Impact

10/14/2021
Today I’ll discuss risk probability and impact and give you some examples to build your own impact and probability table. Thanks. Dr. Bill Souza CEO/Founder E|CE - Executive Cyber Education https://www.execcybered.com

Duration:00:08:08

5 Cybersecurity Challenges

9/26/2021
Today I’ll touch on the topic of Cyber Risk & Cyber Investment challenges. Thanks. Dr. Bill Souza CEO/Founder E|CE - Executive Cyber Education https://www.execcybered.com

Duration:00:07:30

Lacking Basic Cybersecurity Practices

9/9/2021
The show today is based on an article titled, “Global utilities lacking basic cybersecurity practices.” Although the article was focused on utilities, the guidance is applicable to every industry, so I will touch on a few recommendations that could be useful to you as well, regardless of industry. Links mentioned on the show: Article: Global utilities lacking basic cybersecurity practices says expert (powerengineeringint.com) Webinar:...

Duration:00:07:26

Cybersecurity Basics - What you Need to Know

8/26/2021
We are so focused on the threats and the vulnerabilities that allowed a hack to occur, that we forget the basics. The protection necessary to prevent or slow down these attacks already exists, and they exist for a long time. Thanks. Dr. Bill Souza CEO/Founder E|CE - Executive Cyber Education https://www.execcybered.com

Duration:00:10:53

Cybersecurity Exceptions - Part 3 (FINAL)

8/19/2021
In today's episode, I will discuss exceptions tracking and expirations. This is the last episode in a three-part series on cybersecurity standard exceptions. Thanks. Dr. Bill Souza CEO/Founder E|CE - Executive Cyber Education https://www.execcybered.com

Duration:00:05:52

Cybersecurity Exceptions - Part 2

8/12/2021
As I mentioned in my previous episode, there’s much more to discuss on cybersecurity exceptions, such as the risk they pose to the organization and the hidden dangers of cumulative risk. Blog: https://www.execcybered.com/blog/cybersecurity-exceptions-part-2 Thanks. Dr. Bill Souza Founder & CEO E|CE - Executive Cyber Education www.execcybered.com

Duration:00:05:44

Cybersecurity Exceptions - Part 1

8/5/2021
If your cybersecurity standards were written to protect the organization, why do you have security exceptions? Your standard development team writes an excellent standard; it follows all the best practices of the NIST Cybersecurity Framework, the ISO 27001, or any other industry-recognized standards and frameworks, but most of all, it is common sense, right? Anyone working on or with a cybersecurity team in a large organization knows this does not happen! Exceptions happen. Dr. Bill...

Duration:00:05:40

Cybersecurity - Asset Classification

7/30/2021
Asset classification is the foundation of everything else to come in cybersecurity; it will help your organization, for example, small or large, to better understand, manage, identify, and classify your assets. Episode: Cybersecurity - Asset Classification (execcybered.com) Dr. Bill Souza Founder & CEO Executive Cyber Education

Duration:00:06:16

Zero-Sum Game

12/31/2020
In this episode, I will discuss three challenging areas where cybersecurity education is falling short in preparing students and professionals to succeed in the field.

Duration:00:09:45

Cybersecurity Investment & Risk Strategy

8/4/2020
In this episode, I discuss how to leverage your risk framework to make sound cybersecurity investment decisions. I addressed two critical questions that you will need to know the answers; first, how can you tell your program is doing the right thing? and second, How can you tell you are protecting the organization in a financially healthy way? Dr. B. Executive Cyber Education www.execcybered.com eBook: https://www.execcybered.com/risk-identification-ebook

Duration:00:09:51

Critical Systems: Asking the Right Questions

6/14/2020
To get results you need to ask the right question, collect the data, analyze, and develop a robust and factual interpretation. This episode will guide you through the thought process and give you some ideas on how to develop a strong argument on where you should focus your cybersecurity investments and tools. Infographic: https://executive-cyber-education.mykajabi.com/identification-analysis Dr. B.

Duration:00:16:04

Cyber Risk Identification

6/8/2020
Today’s episode I will discuss a strategy to identify critical systems in your organization. The steps I will discuss today will make sure your program is objective and repeatable. The eBook mentioned in this podcast can be downloaded here: https://executive-cyber-education.mykajabi.com/risk-identification-ebook Thanks. Dr. B. https://execcybered.com/podcast-1

Duration:00:16:00

Key Risk Indicators

4/25/2020
Today’s episode we will discuss how to identify KRIs (key risk indicators). I’ll discuss a simple and effective way to do it; there seems to be a lot of confusion on what to measure and for a long time, subject matter experts believe we can’t measure Cybersecurity.

Duration:00:13:03

Tail Risks: What are you going to do differently?

4/7/2020
Today’s episode, we will discuss “tail risk” and the impact it may have on organizations when it’s realized. Given our current environment, it seems entirely appropriate for us to have this meaningful discussion.

Duration:00:16:50

Risk Formula: What's wrong with it?

3/1/2020
Today’s episode we will discuss the popular risk formula, “Risk = Threat x Vulnerability x Consequence/Impact and its limitations to actually provide accurate information for a cybersecurity investment or tactical decision. I will be leveraging the “Risk Analysis and Management for Critical Asset Protection (RAMCAP) framework that was also used by the Department of Homeland Security.

Duration:00:13:20

Threat Reports: What's Missing

1/16/2020
I will discuss “Threat Reports,” specifically eight 2019 reports; the 2019 data breach investigations report by Verizon; 2019 data breach investigations report (executive summary) by Verizon; 2019 annual report, state of cyber security by security in depth; cyber security report by darkmatter; Q2 2019 Cybersecurity threatscape by Positive Technologies; 2019 Cyber Security Risk Report by Aon; the 2019 global threat report by CrowdStrike; and cyber trendscape 2020 by fireeye. My discussion...

Duration:00:14:36

Security Controls Selection

12/23/2019
Today’s episode we will discuss a strategy to select controls to assess, this strategy can be used to select any controls for your assessment, as a framework for security control selection, this approach is standard or regulatory standard agnostic. The steps we will discuss today will make sure your control selection is objective and repeatable.

Duration:00:15:30

Assessments: System Selection

12/9/2019
Today’s episode we will discuss a strategy to select an environment to assess, this strategy can be used from your first assessment to developing an assessment calendar. The steps we will discuss today will make sure your assessment selection is objective and repeatable. Dr. B. www.execcybered.com

Duration:00:10:13

Cyber Risk & Cyber Governance Overall Program

12/1/2019
In this episode, we discuss an overview of our cybersecurity risk and governance program. Here I'll discuss what we are trying to achieve in the next several podcasts. Starting from choosing an environment and business organizations to establishing a residual risk for your cybersecurity organization that you can trust. Our overview will touch on environment selection, security controls, control assessments, risk identification, and much more.

Duration:00:16:49

Program Assessments

11/18/2019
There are six-step in a cybersecurity program assessment framework. I will discuss each step of the framework and how it will help you to achieve a comprehensive assessment. A cybersecurity program assessment is a process, that you will design to provide your company or department with a comprehensive review of the tools, processes they implemented, policies, standards, procedures, and practices in place at your organization. Dr. B. www.execcybered.com

Duration:00:33:10