CISO Tradecraft®

Welcome to CISO Tradecraft®, your guide to mastering the art of being a top-tier Chief Information Security Officer (CISO). Our podcast empowers you to elevate your information security skills to an executive level. Join us on this journey through the domains of effective CISO leadership.

Listen on:

  • Apple Podcasts
  • Podbean App
  • Spotify
  • Amazon Music
  • Pandora
  • TuneIn + Alexa
  • iHeartRadio
  • PlayerFM
  • Listen Notes
  • Samsung
  • Podchaser
  • BoomPlay

Episodes

6 days ago

G Mark Hardy and guest Deb Radcliff talk about experiences and takeaways from Black Hat, and delve into the dynamic world of cybersecurity. Deb shares her perspectives on the intersection of AI, DevSecOps, and cyber warfare, while highlighting insights from her 'Breaking Backbones' trilogy. 
Transcripts: https://docs.google.com/document/d/1XN9HjdljJYKlUITrxZ10HTq9e91R8FNT
Book 1: Breaking Backbones: Information Is Power        https://amzn.to/4dLSBxQBook 2: Breaking Backbones: Information Should Be Free        https://amzn.to/4e3BRlBBook 3: Breaking Backbones: From Chaos to Order        https://amzn.to/3X8e4u2
Chapters
00:00 Introduction and Welcome Back
01:18 Black Hat and Security Leaders Dinner
04:39 The Evolution of Cybersecurity Conferences
10:59 AI and Cybersecurity Trends
22:01 The Chip Dilemma: Parenting in a Monitored Society
23:09 Crafting Characters: Inspirations and Transformations
25:58 Writing Process: From Drafts to Details
31:38 Future of Cybersecurity: Autonomous Systems and Legal Challenges

Monday Aug 26, 2024

In this episode of CISO Tradecraft, host G Mark Hardy is joined by special guest Snehal Antani, co-founder of Horizon3.AI, to discuss the crucial interplay between offensive and defensive cybersecurity tactics. They explore the technical aspects of how observing attacker behavior can enhance defensive strategies, why traditional point-in-time pen testing may be insufficient, and how autonomous pen testing can offer continuous, scalable solutions. The conversation delves into Snehal’s extensive experience, the importance of readiness over compliance, and the future of cybersecurity tools designed with humans out of the loop. Tune in to learn how to elevate your cybersecurity posture in a rapidly evolving threat landscape.
Horizon3 - https://www.horizon3.ai
Snehal Antani - https://www.linkedin.com/in/snehalantani/
Transcripts: https://docs.google.com/document/d/1IFSQ8Uoca3I7TLqNHMkvm2X-RHk8SWpo
Chapters:
00:00 Introduction and Guest Welcome
01:43 Background and Experience of Snehal Antani
03:09 Challenges and Limitations of Traditional Pen Testing
14:47 The Future of Pen Testing: Autonomous Systems
23:10 Leveraging Data for Cybersecurity Insights
24:02 Expanding the Attack Surface: Cloud and Supply Chain
24:46 Third-Party Risk Management Evolution
44:37 Future of Cyber Warfare: Algorithms vs. Humans

#194 - The IAM Masterclass

Monday Aug 19, 2024

Monday Aug 19, 2024

In this episode of CISO Tradecraft, host G Mark Hardy delves into the intricate world of Identity and Access Management (IAM). Learn the essentials and best practices of IAM, including user registration, identity proofing, directory services, identity federation, credential issuance, and much more. Stay informed about the latest trends like proximity-based MFA and behavioral biometrics. Understand the importance of effective IAM implementation for safeguarding sensitive data, compliance, and operational efficiency. Plus, hear real-world examples and practical advice on improving your IAM strategy for a secure digital landscape.
Transcripts: https://docs.google.com/document/d/15zUupqhCQz9llwy21GW5cam8qXgK80JB
Chapters
00:00 Introduction to CISO Tradecraft
01:24 Understanding Identity and Access Management (IAM)
01:54 Gartner's Magic Quadrant and IAM Vendors
03:29 The Importance of IAM in Enterprises
04:28 User Registration and Verification
06:48 Password Policies and Best Practices
09:53 Identity Proofing Techniques
14:53 Directory Services and Role Management
18:27 Identity Federation and Credential Issuance
22:22 Profile and Role Management
26:17 Identity Lifecycle Management
29:23 Access Management Essentials
35:05 Review and Conclusion

Monday Aug 12, 2024

In this comprehensive episode of CISO Tradecraft, host G Mark Hardy sits down with Christian Hyatt, author of 'The Security Team Operating System'. Together, they delve into the five essential components needed to transform your cyber security team from reactive to unstoppable. From defining purpose and values to establishing clear roles, rhythms, and goals, this podcast offers practical insights and tools that can improve the efficacy and culture of your security team. If you're looking for strategic frameworks to align your team with business objectives and create a resilient security culture, you won't want to miss this episode!
Christian Hyatt's LinkedIn Profile: https://www.linkedin.com/in/christianhyatt/
Link to the Book: https://a.co/d/aHpXXfr
Transcripts: https://docs.google.com/document/d/1ogBdtJolBJTOVtqyFLO5onuLxBsfqqQP
Chapters
00:00 Introduction and Guest Welcome
01:31 Overview of the Security Team Operating System
03:31 Deep Dive into the Five Elements
07:53 Aligning Security with Business Objectives
21:59 Defining Core Values for Security Teams
25:03 Aligning Organizational and Team Values
26:05 Establishing Clear Roles and Responsibilities
30:58 Implementing Effective Rhythms and Goals

Monday Aug 05, 2024

Join host G Mark Hardy in this episode of CISO Tradecraft as he welcomes Olivia Rose, an experienced CISO and founder of the Rose CISO Group. Olivia discusses her journey in cybersecurity from her start in marketing to becoming a VCISO. They delve into key topics including the transition from CISO to VCISO, strategies for managing time and stress, the importance of understanding board dynamics, and practical advice on mentoring new entrants in the cybersecurity field. Olivia also shares her insights on maintaining business alignment, handling insurance as a contractor, and building a personal brand in the cybersecurity community.
Olivia Rose: https://www.linkedin.com/in/oliviarosecybersecurity/
Transcripts: https://docs.google.com/document/d/1S42BepIh1QQHVWsdhhgx6x99U188q5eL
Chapters
00:00 Introduction and Guest Welcome
01:14 Olivia Rose's Career Journey
06:42 Challenges in Cybersecurity Careers
15:47 Communicating with the Board
22:57 Navigating Compliance and Legal Challenges
24:10 Building Strategic Relationships
25:46 Aligning Security with Business Goals
35:05 The Importance of Reputation and Branding

Monday Jul 29, 2024

In this episode of CISO Tradecraft, host G Mark Hardy continues an in-depth discussion with cybersecurity attorney Thomas Ritter on the legal considerations for cybersecurity leaders. The episode touches on essential topics such as immediate legal steps after a data breach, the importance of using correct terminology, understanding attorney-client privilege and discovery, GDPR's impact, data localization, and proactive measures CISOs should take. The conversation also explores the implications of evolving cybersecurity laws and regulations like the Digital Operations Resilience Act and the potential criminal liabilities for CISOs.
Thomas Ritter: https://www.linkedin.com/in/thomas-ritter-2b91014a/
Transcripts: https://docs.google.com/document/d/15xQINUOdziGdcEFfh5SN8lS7svtK0JCT
 
Chapters
00:00 Introduction and Recap of Part 1
01:43 Starting the Discussion: Data Breaches
02:22 Legal Steps After a Data Breach
07:19 Understanding Attorney-Client Privilege
08:21 Discovery in Legal Cases
13:31 Staying Updated on Cybersecurity Laws
19:38 Impact of GDPR on Cybersecurity
32:00 Data Localization Challenges
34:55 Proactive Legal Preparedness
37:23 Final Thoughts and Conclusion

Monday Jul 22, 2024

In this episode of CISO Tradecraft, host G Mark Hardy interviews cybersecurity lawyer Thomas Ritter. They discuss key legal topics for CISOs, including regulatory compliance, managing third-party risk, responding to data breaches, and recent legislative impacts. Thomas shares his journey into cybersecurity law and provides practical advice and real-world examples. Key points include the challenges of keeping up with evolving regulations, the intricacies of vendor management, and the implications of recent Supreme Court rulings. They also touch on major breaches like SolarWinds and Colonial Pipeline, exploring lessons learned and the importance of implementing essential security controls.
Thomas Ritter - https://www.linkedin.com/in/thomas-ritter-2b91014a/ Transcripts: https://docs.google.com/document/d/1EvZ_dOpFOLCSSv5ffqxCoMnLZDOnUv_K
Chapters
00:00 Introduction to CISO Tradecraft
00:48 Meet Thomas Ritter: Cybersecurity Lawyer
03:48 Legal Challenges for CISOs
04:54 Managing Third-Party Risks
13:01 Understanding Legal and Statutory Obligations
15:57 Supreme Court Rulings and Cybersecurity
32:57 Lessons from High-Profile Cyber Attacks
38:32 Ransomware Epidemic and Law Enforcement
43:30 Conclusion and Contact Information

Monday Jul 15, 2024

Emotional Intelligence for Cybersecurity Leaders | CISO Tradecraft In this episode of CISO Tradecraft, host G Mark Hardy delves into the essential topic of emotional intelligence (EI) for cybersecurity leaders. He explores the difference between IQ and EI, the origins and significance of emotional intelligence, and its impact on leadership effectiveness. The episode covers various models of EI, including the Ability Model, the Trait Model, and the Mixed Model, and emphasizes practical actions to enhance EI, such as self-awareness, self-regulation, empathy, and social skills. Tune in to understand how developing emotional intelligence can significantly benefit your career, leadership performance, and personal life. 
 
Transcripts: https://docs.google.com/document/d/15pyhXu3XVHJ_VE1OwKjSqM73Rybjbsm0
 
Chapters:
00:00 Introduction to CISO Tradecraft
00:53 Understanding IQ: The Basics
04:08 Introduction to Emotional Intelligence
07:38 Models of Emotional Intelligence
13:06 The Importance of Emotional Intelligence in Leadership
25:12 Practical Steps to Improve Emotional Intelligence
32:42 Conclusion and Final Thoughts

Monday Jul 08, 2024

Securing Small Businesses: Essential Cybersecurity Tools and Strategies In this episode of CISO Tradecraft, host G Mark Hardy discusses cybersecurity challenges specific to small businesses. He provides insights into key tools and strategies needed for effective cybersecurity management in small enterprises, including endpoint management, patch management, EDR tools, secure web gateways, IAM solutions, email security gateways, MDR services, and password managers. Hardy also evaluates these tools against the CIS Critical Security Controls to highlight their significance in safeguarding small business operations.
Transcripts: https://docs.google.com/document/d/1Hon3h950myI7A3jzGmj7YIwRXow5W1V5
Chapters
00:00 Introduction to CISO Tradecraft
00:40 Challenges of Cybersecurity in Small Businesses
01:15 Defining Small Business and Security Baselines
01:53 Top Cybersecurity Tools for Small Businesses
02:05 Hardware and Software Essentials
04:35 Patch Management Solutions
05:19 Endpoint Detection and Response (EDR) Tools
06:06 Secure Web Gateways and Website Security
11:21 Identity and Access Management (IAM)
12:57 Email Security Gateways
14:15 Managed Detection and Response (MDR) Solutions
14:54 Recap of Essential Cybersecurity Tools
15:41 Bonus Tool: Password Managers
18:33 Aligning with CIS Controls
24:48 Conclusion and Call to Action

Monday Jun 24, 2024

Welcome to another episode of CISO Tradecraft with your host, G. Mark Hardy! In this episode, we dive into how CISOs can drive the profitable growth of their company's products and services. Breaking the traditional view of security as a cost center, Mark illustrates ways CISOs can support business objectives like customer outreach, service enablement, operational resilience, and cost reduction. Tune in for insightful strategies to improve your impact as a cybersecurity leader and a sneak peek at our upcoming CISO training class! If you would like to learn more about our class, drop us a comment: https://www.cisotradecraft.com/comment
Transcripts: https://docs.google.com/document/d/19SDBdQSTLc58sP5ynwzhuedNHzk7QPKj
Chapters
00:00 Introduction to Profitable Growth for CISOs
01:16 Understanding Profit and Business Objectives
03:24 Enhancing Customer Experience through Cybersecurity
08:51 Service Enablement and Upselling Strategies
11:39 Ensuring Operational Resilience
13:36 Cost Reduction and Efficiency Improvements
18:31 Recap and Final Thoughts
19:10 Exciting Announcement: CISO Training Course

Monday Jun 17, 2024

Exploring AI in Cybersecurity: Insights from an Expert - CISO Tradecraft with Tom Bendien In this episode of CISO Tradecraft, host G Mark Hardy sits down with AI expert Tom Bendien to delve into the impact of artificial intelligence on cybersecurity. They discuss the basics of AI, large language models, and the differences between public and private AI models. Tom shares his journey from New Zealand to the U.S. and how he became involved in AI consulting. They also cover the importance of education in AI, from executive coaching to training programs for young people. Tune in to learn about AI governance, responsible use, and how to prepare for the future of AI in cybersecurity.
Transcripts: https://docs.google.com/document/d/1x0UTLiQY7hWWUdfPE6sIx7l7B0ip7CZo
Chapters
00:00 Introduction and Guest Welcome
00:59 Tom Bendien's Background and Journey
02:30 Diving into AI and ChatGPT
04:29 Understanding AI Models and Neural Networks
07:11 The Role of Agents in AI
10:10 Challenges and Ethical Considerations in AI
13:47 Open Source AI and Security Concerns
18:32 Apple's AI Integration and Compliance Issues
24:01 Navigating AI in Cybersecurity
25:09 Ethical Dilemmas in AI Usage
27:59 AI Coaching and Its Importance
32:20 AI in Education and Youth Engagement
35:55 Career Coaching in the Age of AI
39:20 The Future of AI and Its Saturation Point
42:07 Final Thoughts and Contact Information

Monday Jun 10, 2024

In this episode of CISO Tradecraft, host G Mark Hardy delves into the complex intersection of ethics and artificial intelligence. The discussion covers the seven stages of AI, from rule-based systems to the potential future of artificial superintelligence. G Mark explores ethical frameworks, such as rights-based ethics, justice and fairness, utilitarianism, common good, and virtue ethics, and applies them to AI development and usage. The episode also highlights ethical dilemmas, including privacy concerns, bias, transparency, accountability, and the impacts of AI on societal norms and employment. Learn about the potential dangers of AI and how to implement and control AI systems ethically in your organization. 
 
Transcripts: https://docs.google.com/document/d/10AhefqdhkT0PrEbh8qBZVn9wWS6wABO6
Chapters
00:00 Introduction to CISO Tradecraft
01:01 Stages of Artificial Intelligence
03:33 Ethical Implications of AI
05:24 Business Models and Data Security
13:52 Ethical Frameworks Explained
23:18 AI and Human Behavior
25:44 The TikTok Feedback Loop and Digital Addiction
26:54 AI's Unpredictable Capabilities
28:25 The Ethical Dilemmas of AI
30:57 Generative AI and Its Implications
42:10 The Role of Government and Society in AI Regulation
45:49 Conclusion and Ethical Considerations

Monday Jun 03, 2024

In this episode of CISO Tradecraft, host G Mark Hardy explores the challenges complexity introduces to cybersecurity, debunking the myth that more complex systems are inherently more secure. Through examples ranging from IT support issues to the intricacies of developing a web application with Kubernetes, the discussion highlights how complexity can obscure vulnerabilities, increase maintenance costs, and expand the attack surface. The episode also offers strategies to tackle complexity, including standardization, minimization, automation, and feedback-driven improvements, aiming to guide cybersecurity leaders toward more effective and less complex security practices.
Transcripts: https://docs.google.com/document/d/1J0rPr0HxULpeVJMIwXKXqHuCfnXn4gDu
Chapters 
00:00 Introduction
01:03 The Misconception of Complexity in Cybersecurity
02:41 Real-World Complexities and Their Impact on IT
10:06 Simplifying Cybersecurity: Strategies and Solutions
14:48 Conclusion: Embracing Simplicity in Cybersecurity

Monday May 27, 2024

This episode of CISO Tradecraft features a conversation between host G. Mark Hardy and Chris Rothe, co-founder of Red Canary, focusing on cloud security, managed detection and response (MDR) services, and the evolution of cybersecurity practices. They discuss the genesis of Red Canary, the significance of their company name, and the distinctions between Managed Security Service Providers (MSSPs) and MDRs. The conversation also covers the importance of cloud security, the challenges of securing serverless and containerized environments, and leveraging open-source projects like Atomic Red Team for cybersecurity. They conclude with insights on the cybersecurity labor market, the value of threat detection reports, and the future of cloud security.
Red Canary: https://redcanary.com/
Chris Rothe: https://www.linkedin.com/in/crothe/
Transcripts: https://docs.google.com/document/d/1XN4Bp7Sa2geGCVaHuqMRmJckms4q7_L6
 

Monday May 20, 2024

This episode of CISO Tradecraft, hosted by G Mark Hardy, features special guest Debbie Gordon. The discussion focuses on the critical role of Security Operations Centers (SOCs) in an organization's cybersecurity efforts, emphasizing the importance of personnel, skill development, and maintaining a high-performing team. It covers the essential aspects of building and managing a successful SOC, from hiring and retaining skilled incident responders to measuring their performance and productivity. The conversation also explores the benefits of simulation-based training with CloudRange Cyber, highlighting how such training can improve job satisfaction, reduce incident response times, and help organizations meet regulatory requirements. Through this in-depth discussion, listeners gain insights into best practices for enhancing their organization's cybersecurity posture and developing key skill sets to defend against evolving cyber threats.
Cloud Range Cyber: https://www.cloudrangecyber.com/
Transcripts: https://docs.google.com/document/d/18ILhpOgHIFokMrkDAYaIEHK-f9hoy63u 
Chapters
00:00 Introduction
01:04 The Indispensable Role of Security Operations Centers (SOCs)
02:07 Building an Effective SOC: Starting with People
03:04 Measuring Productivity and Performance in Your SOC
05:36 The Importance of Continuous Training and Simulation in Cybersecurity
09:00 Debbie Gordon on the Evolution of Cyber Training
11:54 Developing Cybersecurity Talent: The Importance of Simulation Training
14:46 The Critical Role of People in Cybersecurity
21:57 The Impact of Regulations on Cybersecurity Practices
24:36 The Importance of Proactive Cybersecurity Training
26:26 Redefining Cybersecurity Roles and Training Approaches
30:08 Leveraging Cyber Ranges for Real-World Cybersecurity Training
36:03 Evaluating and Enhancing Cybersecurity Skills and Team Dynamics
37:49 Maximizing Cybersecurity Training ROI and Employee Engagement
41:40 Exploring CloudRange Cyber's Training Solutions
43:28 Conclusion: The Future of Cybersecurity Training

Monday May 13, 2024

In this episode of CISO Tradecraft, host G Mark Hardy discusses the findings of the 2024 Verizon Data Breach Investigations Report (DBIR), covering over 10,000 breaches. Beginning with a brief history of the DBIR's inception in 2008, Hardy highlights the evolution of cyber threats, such as the significance of patching vulnerabilities and the predominance of hacking and malware. The report identifies the top methods bad actors use for exploiting companies, including attacking VPNs, desktop sharing software, web applications, conducting phishing, and stealing credentials, emphasizing the growing sophistication of attacks facilitated by technology like ChatGPT for phishing and deepfake tech for social engineering. The episode touches on various cybersecurity measures, the omnipresence of multi-factor authentication (MFA) as a necessity rather than a best practice, and the surge in denial-of-service (DDoS) attacks. Hardy also discusses generative AI's role in enhancing social engineering attacks and the potential impact of deepfake content on elections and corporate reputations. Listeners are encouraged to download the DBIR for a deeper dive into its findings.
Transcripts: https://docs.google.com/document/d/1HYHukTHr6uL6khGncR_YUJVOhikedjSE 
Chapters
00:00 Welcome to CISO Tradecraft
00:35 Celebrating Milestones and Offering Services
01:39 Diving into the Verizon Data Breach Investigations Report
04:22 Top Attack Methods: VPNs and Desktop Sharing Software Vulnerabilities
09:24 The Rise of Phishing and Credential Theft
19:43 Advanced Threats: Deepfakes and Generative AI
23:23 Closing Thoughts and Recommendations

Monday May 06, 2024

In this joint episode of the Security Break podcast and CISO Tradecraft podcast, hosts from both platforms come together to discuss a variety of current cybersecurity topics. They delve into the challenge of filtering relevant information in the cybersecurity sphere, elaborate on different interpretations of the same news based on the reader's background, and share a detailed analysis on specific cybersecurity news stories. The discussion covers topics such as the implications of data sharing without user consent by major wireless providers and the fines imposed by the FCC, the significance of increasing bug bounty payouts by tech companies like Google, and a comprehensive look at how edge devices are exploited by hackers to create botnets for various cyberattacks. The conversation addresses the complexity of the cybersecurity landscape, including how different actors with varied objectives can simultaneously compromise the same devices, making it difficult to attribute attacks and protect networks effectively.
Transcripts: https://docs.google.com/document/d/1GtFIWtDf_DSIIgs_7CizcnAHGnFTTrs5
Chapters
00:00 Welcome to a Special Joint Episode: Security Break & CISO Tradecraft
01:27 The Challenge of Filtering Cybersecurity Information
04:23 Exploring the FCC's Fine on Wireless Providers for Privacy Breaches
06:41 The Complex Landscape of Data Privacy Regulations
16:00 The Economics of Data Breaches and Regulatory Fines
24:23 Bug Bounties and the Value of Security Research
33:21 Exploring the Economics of Cybersecurity
33:50 The Lucrative World of Bug Bounties
34:38 The Impact of Security Vulnerabilities on Businesses
35:50 Navigating the Complex Landscape of Cybersecurity
36:22 The Ethical Dilemma of Selling Exploit Information
37:32 Understanding the Market Dynamics of Cybersecurity
38:00 Focusing on Android Application Security
38:34 The Importance of Targeting in Cybersecurity Efforts
42:33 Exploring the Threat Landscape of Edge Devices
46:37 The Challenge of Securing Outdated Technology
49:28 The Role of Cybersecurity in Modern Warfare
53:15 Strategies for Enhancing Cybersecurity Defenses
01:05:25 Concluding Thoughts on Cybersecurity Challenges

Monday Apr 29, 2024

In this episode of CISO Tradecraft, host G. Mark Hardy discusses seven critical issues facing the cybersecurity industry, offering a detailed analysis of each problem along with counterarguments. The concerns range from the lack of a unified cybersecurity license, the inefficiency and resource waste caused by auditors, to the need for a federal data privacy law. Hardy emphasizes the importance of evaluating policies, prioritizing effective controls, and examining current industry practices. He challenges the audience to think about solutions and encourages sharing opinions and additional concerns, aiming to foster a deeper understanding and improvement within the field of cybersecurity.
Transcripts: https://docs.google.com/document/d/1H_kTbCG8n5f_d1ZHNr1QxsXf82xb08cG
Chapters
00:00 Introduction
01:28 Introducing the Seven Broken Things in Cybersecurity
02:00 1. The Lack of a Unified Cybersecurity License
06:53 2. The Problem with Cybersecurity Auditors
10:09 3. The Issue with Treating All Controls as High Priority
14:12 4. The Obsession with New Cybersecurity Tools
19:23 5. Misplaced Accountability in Cybersecurity
22:38 6. Rethinking Degree Requirements for Cybersecurity Jobs
26:49 7. The Need for Federal Data Privacy Laws
30:53 Closing Thoughts and Call to Action

Monday Apr 22, 2024

In this episode of CISO Tradecraft, hosts G Mark Hardy and guests Jeff Majka and Andrew Dutton discuss the vital role of competitive threat intelligence in cybersecurity. They explore how Security Bulldog's AI-powered platform helps enterprise cybersecurity teams efficiently remediate vulnerabilities by processing vast quantities of data, thereby saving time and enhancing productivity. The conversation covers the importance of diverse threat intelligence sources, including open-source intelligence and insider threat awareness, and the strategic value of AI in analyzing and prioritizing data to manage cybersecurity risks effectively. The discussion also touches on the challenges and potentials of AI in cybersecurity, including the risks of data poisoning and the ongoing battle between offensive and defensive cyber operations.
The Security Bulldog: https://securitybulldog.com/contact/
Transcripts: https://docs.google.com/document/d/1D6yVMAxv16XWtRXalI5g-ZdepEMYmQCe
Chapters
00:00 Introduction
00:56 Introducing the Experts: Insights from the Field
02:43 Unpacking Cybersecurity Intelligence: Definitions and Importance
04:02 Exploring Cyber Threat Intelligence (CTI): Applications and Strategies
13:11 The Role of AI in Enhancing Cybersecurity Efforts
16:43 Navigating the Complex Landscape of Cyber Threats and Defenses
19:07 The Future of AI in Cybersecurity: A Balancing Act
22:33 Exploring AI's Role in Cybersecurity
22:50 The Practical Application of AI in Cybersecurity
25:08 Challenges and Trust Issues with AI in Cybersecurity
26:52 Managing AI's Risks and Ensuring Reliability
31:00 The Evolution and Impact of AI Tools in Cyber Threat Intelligence
34:45 Choosing the Right AI Solution for Cybersecurity Needs
37:27 The Business Case for AI in Cybersecurity
41:22 Final Thoughts and the Future of AI in Cybersecurity
 

Monday Apr 15, 2024

This episode of CISO Tradecraft features a comprehensive discussion between host G Mark Hardy and guest Rafeeq Rehman, centered around the evolving role of CISOs, the impact of Generative AI, and strategies for effective cybersecurity leadership. Rafeeq shares insights on the CISO Mind Map, a tool for understanding the breadth of responsibilities in cybersecurity leadership, and discusses various focal areas for CISOs in 2024-2025, including the cautious adoption of Gen AI, tool consolidation, cyber resilience, branding for security teams, and maximizing the business value of security controls. The episode also addresses the importance of understanding and adapting to technological advancements, advocating for cybersecurity as a business-enabling function, and the significance of lifelong learning in information security.
Cybersecurity Learning Saturday: https://www.linkedin.com/company/cybersecurity-learning-saturday/
2024 CISO Mindmap: https://rafeeqrehman.com/2024/03/31/ciso-mindmap-2024-what-do-infosec-professionals-really-do/
Transcripts: https://docs.google.com/document/d/1axXQJoAdJI26ySKVfROI9rflvSe9Yz50
Chapters 
00:00 Introduction
00:57 Rafeeq Rehman: Beyond the CISO MindMap
04:17 The Evolution of the CISO MindMap
08:30 AI and the Future of Cybersecurity Leadership
11:47 Embracing Change: The Role of AI in Cybersecurity
14:16 Generative AI: Hype, Reality, and Strategic Advice for CISOs
22:32 Navigating the Future Job Market with AI
22:53 Framing AI for Specific Roles
24:12 Harnessing Creativity with Generative AI
25:14 Consolidating Security Tools for Efficiency
28:31 Evaluating Security Tools: A Deep Dive
32:21 Cyber Resilience: Beyond Incident Response
35:51 Building a Business-Focused Security Strategy
39:39 Maximizing Business Value Through Security
43:15 Looking Ahead: Focus Areas for the Future
43:53 Concluding Thoughts and Future Predictions

Monday Apr 08, 2024

In this episode of CISO Tradecraft, host G Mark Hardy welcomes Alex Dorr to discuss Reality-Based Leadership and its impact on reducing workplace drama and enhancing productivity. Alex shares his journey from professional basketball to becoming an evangelist of reality-based leadership, revealing how this approach helped him personally and professionally. They delve into the concepts of SBAR (Situation, Background, Analysis, Recommendation) for effective communication, toggling between low self and high self to manage personal reactions, and practical tools like 'thinking inside the box' to confront and solve workplace issues within given constraints. The conversation underscores the importance of focusing on actionable strategies over arguing with the drama and reality of workplace dynamics, aiming to foster a drama-free, engaged, and productive work environment.
Alex Dorr's Linkedin: https://www.linkedin.com/in/alexmdorr/
Reality-Based Leadership Website: https://realitybasedleadership.com/ 
Transcripts: https://docs.google.com/document/d/1wge0pFLxE4MkS6neVp68bdz8h9mHrwje 
 
Chapters
00:00 Introduction
00:57 Alex Dorr's Journey from Basketball to Leadership Expert
03:54 The Core Principles of Reality-Based Leadership
06:20 Understanding the Human Condition in the Workplace
09:19 Tackling Workplace Drama with Reality-Based Leadership
11:58 The Power of Positive Energy Management
17:42 Navigating Unpreferred Realities and Finding Impact
19:44 Reality-Based Leadership in Action: Techniques and Outcomes
23:12 The Importance of Skill Development Over Perfecting Reality
24:32 The Challenge of Employee Engagement
25:49 Secrets to Embracing Reality and Taking Action
25:58 Leadership vs. Management: Navigating Workplace Dynamics
28:28 Empowering Employees with the SBAR Framework
34:04 Addressing Venting and Negative Behaviors
36:17 Developing People: The Core of Leadership
37:50 Choosing Happiness Over Being Right
40:15 Integrating New Leadership Models and Making Them Stick
46:24 Concluding Thoughts and Contact Information

Monday Apr 01, 2024

This episode of CISO Tradecraft dives deep into the New York Department of Financial Services Cybersecurity Regulation, known as Part 500. Hosted by G Mark Hardy, the podcast outlines the significance of this regulation for financial services companies and beyond. Hardy emphasizes that Part 500 serves as a high-level framework applicable not just in New York or the financial sector but across various industries globally due to its comprehensive cybersecurity requirements. The discussion includes an overview of the regulation's history, amendments to enhance governance and incident response, and a detailed analysis of key sections such as multi-factor authentication, audit trails, access privilege management, and incident response. Additionally, the need for written policies, designating a Chief Information Security Officer (CISO), and ensuring adequate resources for implementing a cybersecurity program are highlighted. The podcast also offers guidance on how to approach certain regulatory mandates, emphasizing the importance of teamwork between CISOs, legal teams, and executive management to comply with and benefit from the regulation's requirements.
AuditScripts: https://www.auditscripts.com/free-resources/critical-security-controls/
NYDFS: https://www.dfs.ny.gov/industry_guidance/cybersecurity 
Transcripts: https://docs.google.com/document/d/1CWrhNjHXG1rePtOQT-iHyhed2jfBaZud
Chapters
00:00 Introduction
00:35 Why Part 500 Matters Beyond New York
01:48 The Evolution of Financial Cybersecurity Regulations
03:20 Understanding Part 500: Definitions and Amendments
08:44 The Importance of Multi-Factor Authentication
14:33 Navigating the Complexities of Cybersecurity Regulations
20:23 The Critical Role of Asset Management and Access Privileges 25:37 The Essentials of Application Security and Risk Assessment
31:11 Incident Response and Business Continuity Management
32:36 Concluding Thoughts on NYDFS Cybersecurity Regulation

Monday Mar 25, 2024

In this episode of CISO Tradecraft, host G. Mark Hardy delves into the crucial topic of the OWASP Top 10 Web Application Security Risks, offering insights on how attackers exploit vulnerabilities and practical advice on securing web applications. He introduces OWASP and its significant contributions to software security, then progresses to explain each of the OWASP Top 10 risks in detail, such as broken access control, injection flaws, and security misconfigurations. Through examples and recommendations, listeners are equipped with the knowledge to better protect their web applications and ultimately improve their cybersecurity posture.
OWASP Cheat Sheets: https://cheatsheetseries.owasp.org/
OWASP Top 10: https://owasp.org/www-project-top-ten/
Transcripts: https://docs.google.com/document/d/17Tzyd6i6qRqNfMJ8OOEOOGpGGW0S8w32
Chapters
00:00 Introduction
01:11 Introducing OWASP: A Pillar in Cybersecurity
02:28 The Evolution of Web Vulnerabilities
05:01 Exploring Web Application Security Risks
07:46 Diving Deep into OWASP Top 10 Risks
09:28 1) Broken Access Control
14:09 2) Cryptographic Failures
18:40 3) Injection Attacks
23:57 4) Insecure Design
25:15 5) Security Misconfiguration
29:27 6) Vulnerable and Outdated Software Components
32:31 7) Identification and Authentication Failures
36:49 8) Software and Data Integrity Failures
38:46 9) Security Logging and Monitoring Practices
40:32 10) Server Side Request Forgery (SSRF)
42:15 Recap and Conclusion: Mastering Web Application Security

Monday Mar 18, 2024

In this episode of CISO Tradecraft, host G Mark Hardy delves into the critical subject of vulnerability management for cybersecurity leaders. The discussion begins with defining the scope and importance of vulnerability management, referencing Park Foreman's comprehensive approach beyond mere patching, to include identification, classification, prioritization, remediation, and mitigation of software vulnerabilities. Hardy emphasizes the necessity of a strategic vulnerability management program to prevent exploitations by bad actors, illustrating how vulnerabilities are exploited using tools like ExploitDB, Metasploit, and Shodan. He advises on deploying a variety of scanning tools to uncover different types of vulnerabilities across operating systems, middleware applications, and application libraries. Highlighting the importance of prioritization, Hardy suggests focusing on internet-facing and high-severity vulnerabilities first and discusses establishing service level agreements for timely patching. He also covers optimizing the patching process, the significance of accurate metrics in measuring program effectiveness, and the power of gamification and executive buy-in to enhance security culture. To augment the listener's knowledge and toolkit, Hardy recommends further resources, including OWASP TASM and books on effective vulnerability management.
Transcripts: https://docs.google.com/document/d/13P8KsbTOZ6b7A7HDngk9Ek9FcS1JpQij
OWASP Threat and Safeguard Matrix - https://owasp.org/www-project-threat-and-safeguard-matrix/
Effective Vulnerability Management - https://www.amazon.com/Effective-Vulnerability-Management-Vulnerable-Ecosystem/dp/1394221207
Chapters
00:00 Introduction
00:56 Understanding Vulnerability Management
02:15 How Bad Actors Exploit Vulnerabilities
04:26 Building a Comprehensive Vulnerability Management Program
08:10 Prioritizing and Remediation of Vulnerabilities
13:09 Optimizing the Patching Process
15:28 Measuring and Improving Vulnerability Management Effectiveness
18:28 Gamifying Vulnerability Management for Better Results
20:38 Securing Executive Buy-In for Enhanced Security
21:15 Conclusion and Further Resources

#172 - Table Top Exercises

Monday Mar 11, 2024

Monday Mar 11, 2024

This episode of CISO Tradecraft, hosted by G Mark Hardy, delves into the concept, significance, and implementation of tabletop exercises in improving organizational security posture. Tabletop exercises are described as invaluable, informal training sessions that simulate hypothetical situations allowing teams to discuss and plan responses, thereby refining incident response plans and protocols. The podcast covers the advantages of conducting these exercises, highlighting their cost-effectiveness and the crucial role they play in crisis preparation and response. It also discusses various aspects of preparing for and executing a successful tabletop exercise, including setting objectives, selecting participants, creating scenarios, and the importance of a follow-up. Additionally, the episode touches on compliance aspects related to SOC 2 and the use of tabletop exercises to expose and address potential organizational weaknesses. The overall message underscores the importance of these exercises in preparing cybersecurity teams for real-world incidents.
Outline & References:
https://docs.google.com/document/d/13Qj4MOjPxWz9mhQCDQNBtoQwrXdTeIEf
Transcripts: https://docs.google.com/document/d/1yfmZALQfkhQCMfp9ao3151P9L2XcEXFm/
Chapters
00:00 Introduction
00:47 The Importance of Tabletop Exercises
01:53 The Benefits of Tabletop Exercises
03:06 How to Implement Tabletop Exercises
05:30 The Role of Tabletop Exercises in Compliance
08:24 The Participants in Tabletop Exercises
09:25 The Preparation for Tabletop Exercises
16:57 The Execution of Tabletop Exercises
21:58 Understanding Roles and Responsibilities in an Exercise
22:17 The Importance of a Hot Wash Up
23:36 Creating an After Action Report (AAR)
24:06 Implementing an Action Plan
24:34 Example Scenario: Network Administrator's Mistake
25:08 Formulating Targeted Questions for the Scenario
26:36 The Role of Innovation in Tabletop Exercises
27:11 The Connection Between Tabletop Exercises and Compliance
29:18 12 Key Steps to a Successful Exercise
30:43 The Importance of Realistic Scenarios
34:05 The Role of Communication in Crisis Management
37:33 The Impact of Cyber Attacks on Operations
39:57 The Importance of Tabletop Exercises and How to Get Started
40:35 Conclusion

Copyright 2024 All rights reserved.

Podcast Powered By Podbean

Version: 20240731