#241 - The OWASP Threat and Safeguard Matrix (with Ross Young)

Join G Mark Hardy in this special episode of CISO Tradecraft as he interviews Ross Young, the creator of the OWASP Threat and Safeguard Matrix (TaSM). Ross shares his extensive cybersecurity background and discusses the development and utility of the TaSM, including its applications in threat modeling and risk management. Additionally, Ross introduces his upcoming book, 'Cybersecurity's Dirty Secret: How Most Budgets Are Wasted,' and provides insights on maximizing cybersecurity budgets. Don't miss this episode for essential knowledge on enhancing your cybersecurity leadership and strategies.

OWASP Threat and Safeguard Matrix - https://owasp.org/www-project-threat-and-safeguard-matrix/

Transcripts - https://docs.google.com/document/d/1anGewI3XccGnXoV3oE2h7BfelY5QxiSL/

Chapters

00:00 Introduction to the Threat and Safeguard Matrix

00:30 Meet Ross Young: Cybersecurity Expert

01:08 Ross Young's Career Journey

01:59 The Upcoming Book: Cybersecurity's Dirty Secret

03:04 Introduction to the Threat and Safeguard Matrix (TaSM)

03:48 Understanding the TaSM Framework

07:10 Applying the TaSM to Real-World Scenarios

19:32 Using TaSM for Threat Modeling and Risk Committees

21:58 Extending TaSM Beyond Cybersecurity

23:52 AI Risks and the TaSM

24:43 Conclusion and Final Thoughts