What Was Old Is New Again – BSW #216
Segments
1. The Lost Year: The Impact of the Pandemic on Web App Security – Ryan Bergquist – BSW #216
The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities, as shown in the latest Acunetix by Invicti Web Application Vulnerability Report. In this segment, Ryan will discuss the main results, the trends that might have caused them, and advise how you can protect your organization against vulnerabilities that can negatively impact your business.
Segment Resources:
The Invicti AppSec Indicator, Spring 2021 Edition: Acunetix Web Vulnerability Report
https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/
This segment is sponsored by Netsparker.
Visit https://securityweekly.com/netsparker to learn more about them!
Announcements
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Security Weekly listeners save $100 on their RSA Conference 2021 All Access Pass! RSA Conference will be a fully virtual experience from May 17th-20th, 2021. Security Weekly will be live streaming Monday-Thursday in the virtual broadcast alley, interviewing some of the top sponsors and speakers for the event. To register using our discount code, please visit https://securityweekly.com/rsac2021 and use the code 5U1CYBER! We hope to "see" you there!
Guest
Part of the Solutions Engineering Team at Invicti Security, Ryan graduated in Information Systems and Security as well as Computer Forensics and Security. Ryan has been working in the Cyber Security industry for 4 years through various roles in Security Engineering and Product Management. He is passionate about Cyber Security and technology in general.
2. 6 Ways to Engage, 5 Key Qualities of CISOs, & 4 Actions Leader Take – BSW #216
In the Leadership and Communications section, 6 ways to spur cybersecurity board engagement, 5 key qualities of successful CISOs, and how to develop them, 4 Actions Transformational Leaders Take, and more!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Hosts
- 1. The Security Industry is Protecting the Wrong Thing – Security Boulevard
  When the security industry talks about a data breach, often the first question asked involves the state of the victim’s network security – not the breach of data. Why is this? It’s because organizations have their security priorities backward, and that needs to change.
- 2. Cyber security is in denial, that’s why it needs the Lean Six Sigma approach
  Some of the world’s biggest businesses use this approach to increase efficiency in their company. But its principles are rarely applied to cyber security. With cyber security teams increasingly stretched and attacks increasing, it’s time for that to change.
  1. It’s time to truly understand cyber risk
  2. Risk mitigation becomes the focus
  The key elements of Lean Six Sigma: Define, Measure, Analyze, Improve, and Control.
- 3. 6 ways to spur cybersecurity board engagement
  Corporate boards' subpar cybersecurity literacy and security leaders' lack of business acumen have resulted in missed opportunities to align security and business objectives, leaving enterprises open to potentially catastrophic cyberthreats. ESG offered six recommendations for advancing cybersecurity's standing in the C-suite and boardroom and throughout the enterprise.
  1. Educate boards
  2. Adopt a CISO-to-CEO reporting structure
  3. Foster a cybersecurity culture
  4. Formalize the cybersecurity program
  5. Prioritize critical assets and initiatives
  6. Hire BISOs
- 4. CISO Challenge: Check Your Cybersecurity Skills On This New Competition Site
  So, what can security leaders do to make sure they're prepared and hone their skills ahead of the next inevitable threat? Now, they can test themselves and their knowledge at a new website, 'The CISO Challenge' (https://ciso-challenge.com/?utm_source=thn).
- 5. 5 key qualities of successful CISOs, and how to develop them
  Today, business success is directly intertwined with the success of information security. Therefore, the modern CISO needs a unique set of qualities to align effective data security strategy, process, and practice with various business needs and requirements.
  1. A modern CISO speaks the language of the business
  2. A modern CISO is a collaborator
  3. A modern CISO is emotionally intelligent
  4. A modern CISO has strategic focus
  5. A modern CISO is tenacious
- 6. 4 Actions Transformational Leaders Take
  In a changed, post-pandemic environment, employees, customers, and investors have high expectations for the companies they work with. They expect companies to play a more prominent role in tackling systemic issues like climate change and social inequality, and they expect leaders to be effective, authentic, and compassionate. Leaders who want their organizations to meet this moment and succeed long-term need to move away from the status quo and change their approach to how they’ll lead the necessary transformations. The following four strategies, based on our collective experience in leading transformations over the last 25 years, will help leaders increase their chances of success.
  1. Practice New Mental Models
  2. Work the Edges of the Organization
  3. Share Leadership More Systematically
  4. Make Empowerment Live Up to Its Promise