Speed & Quality – BSW #248
Full Audio
View Show IndexSegments
1. Digital Risk Protection – Dan Mathews – BSW #248
Your information is everywhere. Executive, employee, and corporate data are contained in breach data, social media, and the dark web. How do you protect your organization from impersonation and account takeover attacks?
Dan Matthews, Director, Worldwide Sale Engineering from Constella Intelligence, will discuss the challenges with digital risk protection and how to protect your executives, employees, and corporate brand.
This segment is sponsored by Constella Intelligence . Visit https://securityweekly.com/constella to learn more about them!
Sponsored By
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Guest
Dan Mathews brings over 20 years’ experience in the security industry to his role as Director, Worldwide Sales Engineering, at Constella Intelligence. He has served in various technical, marketing, and advisory capacity at former companies including UUNET, MCI, Verizon, Cybertrust and SecureWorks. Most recently,, Dan led the global sales engineering team at Lastline for five years, through a successful acquisition by VMWare. Dan is based in Dallas-Ft. Worth, Texas.
Hosts
2. Cybersecurity & Audit, CIO Involvement Grows, & Poor Security Culture – BSW #248
In the leadership and communications section, Cybersecurity increasingly on audit committee agendas, CIO involvement in security grows as CEOs target risk reduction, How Poor Security Culture Leads to Insider Risk, and more!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
CRA's Business Intelligence Unit has launched its next survey on Zero Trust! What are Your Barriers to Zero Trust Implementation? Take our survey and enter to win a $500 Tango card by visiting https://securityweekly.com/zerotrust. Report results will be released at our upcoming Zero Trust E-Summit in March!
Hosts
- 1. Cybersecurity increasingly on audit committee agendasCFOs can expect to see more cybersecurity experts on their audit committees. Audit committee members increasingly say they need that expertise around the table to better manage this growing responsibility, according to a report by The Center for Audit Quality and Deloitte. Almost 100% of audit committees have members with finance and accounting expertise but only 35% have members who are strong in cybersecurity, the report finds. And yet cybersecurity is the fastest-growing risk focus for the committees.
- 2. OMB issues zero-trust strategy for federal agenciesAll federal agencies must meet zero-trust goals that the U.S. Office of Management and Budget has set by 2024, building on earlier federal cybersecurity initiatives.
- 3. CIO involvement in security grows as CEOs target risk reductionHalf of CIOs are prioritizing security management this year, as CEOs push for IT and data security upgrades to reduce corporate risk, according to IDG's annual CIO survey, which included responses from almost 1,000 heads of IT and 250 line of business participants.
- 4. Banks Face Countdown to New Cybersecurity RulesNew federal rules taking effect this spring will require all U.S. banking organizations to meet two primary requirements: 1. Banking organizations must notify their primary federal regulator of any “computer-security incident that rises to the level of a notification incident” as soon as possible—but no later than 36 hours after a determination that such an incident has occurred. 2. A bank service provider must notify each affected banking organization as soon as possible when the provider determines it has experienced a computer-security incident that “has caused, or is reasonably likely to cause a material service disruption or degradation for four or more hours.”
- 5. Cyberinsurance: Federal Court Interprets Banking Fraud PolicyInsureds who think they have coverage for cyber-related losses find that their insurance providers balk at paying claims—which is kinda the point of having insurance. Companies need to examine the scope and extent of their insurance policies, including cyberinsurance and non-cyberinsurance policies, as well as the nature of the risks they think they are insuring against. There are a host of traps for the unwary and the insurance discussion should include inside and outside counsel, risk management, HR and the cybersecurity team. The worst thing you can do is think you have coverage, pay for what you think is covered and find out that it’s not covered. The second worst is to only find out that it is covered after spending hundreds of thousands of dollars in legal fees.
- 6. COMMUNICATION AND LEADERSHIPThe rapidly changing and fast-paced environment of today’s workplace requires leaders to have the tools and the skill sets they need to remain productive, efficient, and effective. With hybrid and remote work becoming more standardized and permanent, it falls to leaders to fill the void left by the COVID-19 pandemic. Communication must be the first step.
- 7. How Poor Security Culture Leads to Insider RiskCorporate leadership is expected to set the tone for the entire company. That’s especially important with regard to how the organization approaches cybersecurity. If leadership doesn’t adopt strong security practices, chances are good that same attitude trickles down throughout the rest of the company, resulting in a greater risk of insider threats.
