#225 - The Full Irish

In this episode of CSO Tradecraft, host G. Mark Hardy introduces 'The Full Irish,' a cybersecurity framework based on the '12 Steps to Cybersecurity' guidance from Ireland's National Cybersecurity Center. The episode covers comprehensive steps from governance and risk management to incident response and resilience, making it a valuable resource for cybersecurity professionals. G Mark also discusses the implications of multinational companies operating in Ireland, including tax strategies and notable GDPR fines. The episode provides pragmatic guidance and actionable insights to enhance your cybersecurity program.

References: https://www.ncsc.gov.ie/pdfs/Cybersecurity_12_steps.pdf

Transcripts: https://docs.google.com/document/d/1VLeRozClLZAkZsusYsUn4Q9_1v7WCoN0

Chapters 

• 00:00 Introduction to the Full Irish
• 01:32 Why Ireland?
• 02:40 Tax Avoidance Schemes
• 04:25 GDPR Penalties and Data Protection
• 05:54 Overview of the 12 Steps to Cybersecurity
• 07:19 Step 1: Governance and Organization
• 09:24 Step 2: Identify What Matters Most
• 10:31 Step 3: Understanding the Threats
• 12:35 Step 4: Defining Risk Appetite
• 14:10 Step 5: Education and Awareness
• 16:00 Step 6: Implement Basic Protections
• 18:00 Step 7: Detect and Attack
• 19:37 Step 8: Be Prepared to React
• 21:24 Step 9: Risk-Based Approach to Resilience
• 22:52 Step 10: Automated Protections
• 23:58 Step 11: Challenge and Test Regularly
• 25:29 Step 12: Cyber Risk Management Lifecycle
• 26:29 Conclusion and Final Thoughts