Cybersecurity Risk
Feeling overwhelmed by cyber risk? You're not alone. In today's digital world, cyber threats are a complex issue and a strategic opportunity to strengthen your organization's resilience.
This podcast dives deep into the world of cyber governance and risk management. We'll have open conversations with experts to help you take your organization's cybersecurity posture from "as-is" to the next level.
Here's what you'll learn:
- Program and control assessments: Identify weaknesses in your current defenses.
- Risk identification and mitigation: Proactively address threats before they strike.
- Building a risk register: Track and prioritize your organization's vulnerabilities.
- Crafting effective mitigation plans: Develop strategies to minimize cyber risk.
- And much more!
Join us and learn how to navigate the ever-evolving cyber landscape with confidence.
Episodes
108 episodes
Seize Control: How CTEM Can Fortify Your Organization’s Defense
In this episode, I will dive into Continuous Threat Exposure Management (CTEM) and how it revolutionizes vulnerability prioritization. I discuss the essential steps—scoping, discovery, prioritization, validation, and mobilization—required for e...
Episode 108 • 11:49
The Unexpected Role of Impact in Cybersecurity Risk – A Must Know!
Understanding Impact Assessment in Cybersecurity: A Deep Dive. In this video, I tackle the questions: Does impact assessment exist in cybersecurity, and how is it conducted? I break down the fundamental formula of cybersecurity risk, whic...
Episode 107 • 5:39
Missed Vulnerabilities: How to Fix and Prevent Them in Future Assessments
It's a common, yet unsettling, scenario in cybersecurity risk assessment: discovering a crucial component was overlooked after an assessment is complete. The question often arises: "How do you handle missing risks in a risk assessment? W...
Episode 106 • 8:00
Navigating the Human Element in Cybersecurity Risk Assessment
As cybersecurity professionals, we often dive deep into the intricacies of networks, code, and vulnerabilities. We assume that identifying assets, scanning for weaknesses, and generating reports are the core of cybersecurity risk assessment...
Episode 105 • 8:21
Mastering Cyber Asset Sampling: Optimize Your Assessment Process
Cyber Asset Assessment: Understanding the Importance of Sampling. In this episode, I dive into the crucial step of sampling in cyber asset assessment. Learn why sampling is essential, especially when dealing with large environments and li...
Episode 104 • 6:15
Unlocking the True Goal of Security: What You're Really Protecting
In this episode, I dive into the essential first steps for a successful cybersecurity risk assessment. Unlike traditional methods, we emphasize the importance of aligning cyber protection with corporate objectives and mission-critical assets. L...
Episode 103 • 3:48
Aggregate Risk Demystified: The Formula Every Business Needs
How to Aggregate Vulnerability Risks Efficiently for Your IT Environment. In this episode, we'll explore the comprehensive approach to scanning and evaluating the entire ecosystem of your application, including databases, firewalls, and ro...
Episode 102 • 7:08
Unpacking Trump’s Cybersecurity Orders: Key Updates and What They Mean for National Security
President Trump Amends Cybersecurity Executive Orders: Key Impacts and Analysis. In this episode, we delve into President Trump's recent amendments to Executive Orders 13694 and 14144, primarily focusing on enhancing national cybersecurity...
Episode 101 • 13:48
Optimizing SIEM Storage Costs: Effective Logging Strategies
Is storage really as cheap as people think? This episode delves into the true cost of storage in the context of Security Information and Event Management (SIEM) systems. We expl...
Episode 100 • 3:28
One Insight from 1978 Could Change Your Cybersecurity Strategy
The Importance of Managerial Controls in Cybersecurity: Insights from 1978. In this episode of Doctor's Advice, Dr. B discusses the critical idea presented by Stuart Madnick in 1978, emphasizing that computer security can't rely solely on...
Episode 99 • 7:50
The DeepSeek Deception - A Story of Skepticism, Cybersecurity, and the Pursuit of Truth
The world is awash in information, but clarity is a rare commodity. We're bombarded with headlines, statistics, and pronouncements, all vying for our attention and belief. But in this age of information overload, a healthy dose of skepticism is...
Episode 98 • 4:25
The AI Revolution: Humanity's Next Great Leap in Cybersecurity
Ready to explore the fascinating intersection of AI and cybersecurity? My latest podcast episode is live, and it's packed with insights you won't want to miss! In this episode, we delve into: The AI Advantage: Discover h...
Episode 97 • 7:32
Why Cybersecurity is Everyone's Responsibility
🛡️ Cybersecurity is EVERYONE'S Responsibility! 🛡️ Think cybersecurity is just for the IT department? Think again! In this episode, we break down the dangerous misconception that cybersecurity is just about firewalls and antivirus ...
Episode 96 • 8:38
Cyber Risk Appetite
Forget the magic numbers. Cyber risk appetite isn't about finding a one-size-fits-all percentage of revenue. It's about protecting your company's dreams. In this episode, we dive deep into the WHY behind cyber risk appetite. We explore h...
Episode 95 • 9:36
Cybersecurity in the Age of AI- Back to Basics
An article from Gartner named "AI in Cybersecurity: Define Your Direction" explores the impact of AI, particularly generative AI (GenAI), on the cybersecurity landscape. While acknowledging the transformative potential of AI and the hype surrou...
Episode 94 • 3:34
Cybersecurity Risk Management A CISO's Guide to Leadership in an Evolving Threat Landscape
Cybersecurity risk management has taken center stage for organizations across all industries in the wake of recent high-profile cyberattacks, such as the SolarWinds breach and the Colonial Pipeline ransomware incident. As a CISO, you know first...
Episode 93 • 4:06
Stronger Cybersecurity and Smarter Spending
The Cyber Defense Matrix (CDM) model tackles the difficulties of cost-effective and resilient cybersecurity planning by offering a structured framework to select and implement the most critical security controls, considering factors like budget...
Episode 92 • 5:45
Cybersecurity Compliance: Hype or Bust?
In cybersecurity, organizations are constantly grappling with the question of compliance. Is it merely a checkbox exercise, a source of unnecessary overhead, or a fundamental pillar of a robust security posture? The debate surrounding cybersecu...
Episode 91 • 4:26
Expert as the Instrument
In cybersecurity, organizations face a relentless barrage of threats that can compromise their sensitive data, disrupt operations, and tarnish their reputation. While quantitative data and automated tools play a crucial role in identifying and ...
Episode 90 • 4:33
Cybersecurity Risk Management Governance Process
Organizations face an ever-increasing array of cyber threats. A proactive and strategic approach to cybersecurity risk management is essential to counter these risks. This process not only safeguards an organization's valuable digital assets bu...
Episode 89 • 8:34
Cybersecurity and Emerging Technologies
The rapid advancement of technology brings unprecedented opportunities and significant cybersecurity risks. The World Economic Forum's (WEF) October 2024 white paper, "Navigating Cyber Resilience in the Age of Emerging Technologies: Collaborati...
Episode 88 • 4:38
The Human Factor vs. the Algorithm
Organizations grapple with a complex challenge: striking the right balance between human expertise and algorithmic insights. As highlighted by Hubbard (2014), a prevailing trend is the tendency for individuals within organizations, including se...
Episode 87 • 3:55
The Cybersecurity Analysis Placebo: Measuring for the Illusion of Control
The adage "what gets measured gets managed" holds significant weight in cybersecurity. Organizations invest heavily in metrics, Key Performance Indicators (KPIs), and risk assessments, aiming to quantify their cybersecurity posture and demonstr...
Episode 86 • 5:22
Risk Management for SMBs
Cybersecurity is no longer a luxury but a necessity for small and midsize businesses (SMBs). Cyber threats are becoming increasingly sophisticated, and SMBs are often seen as easy targets due to their perceived lack of resources and security me...
Episode 85 • 5:22
5 must-do’s for effective cyber risk management
Establishing a robust cybersecurity risk management program is paramount for any organization. As a CISO, the task of safeguarding critical assets and sensitive data can be daunting. However, leveraging the Cyber Defense Matrix (CDM) as a strat...
Episode 83 • 3:50