CFH #13 – Ryan Jamieson
Full Audio
View Show IndexSegments
1. Helping Your Managed Services Clients Build Their Own Security Culture – Ryan Jamieson – CFH #13
Security is a shared responsibility between MSSPs and their clients. Yes, the provider was hired to do a job -- be it SOC operations, threat intelligence or offensive security -- but part of the job is also to consult and communicate with the client to help them gain some degree of cyber self-sufficiency. This discussion will reveal how providers can teach their clients how to develop a secure corporate culture, how to share responsibility and accountability for security matters, and how to broaden their security awareness through partnerships with professional development organizations and information sharing groups.
Guest
Leading the [redacted] Advisory Team, Jamieson brings over twenty years of experience in technology and risk management across multiple industries, including entertainment, defense, financial services, and public accounting. With a history of building security programs from scratch, he seeks to embed security and risk awareness into the culture of the company and create sustainable control environments that preserve business agility.
Jamieson joined [redacted] in 2021 from EY where he worked to strengthen the internal control environment protecting the most sensitive data for thousands of clients across the globe. Prior to EY, he built the security program at Take-Two Interactive (parent company to Rockstar Games and 2K Games), served as the BISO for North American operations at RTL Group, and spent nearly seven years protecting cardmembers and their data at American Express.
Ryan holds a bachelor’s degree in Computer Information Systems from the WP Carey School of Business at Arizona State University and a master’s degree in International Relations and Affairs from Macquarie University.
Hosts
2. Is Regulatory Compliance Governing Your Toolsets and Policies? – CFH #13
To what extent should compliance with privacy and security frameworks -- whether imposed by government bodies or industry standard organizations -- be the decisive factor when MSSPs choose their tech stacks and craft their threat defense strategies? Meanwhile, are would-be MSSP customers deciding which managed services provider to hire largely based on their compliance needs, or are they more influenced by other market forces and threat trends? And for those organizations who ARE building their managed services strategies around compliance, which frameworks, laws or standards should be highest priority? This segment will offer important perspectives on these key questions.
Hosts
- 1. 2023 State of Cloud Native Security Report
- 2. Cloud security, hampered by proliferation of tools, has a “forest for trees” problem
- 3. Stealing the LIGHTSHOW (Part One) — North Korea’s UNC2970
- 4. Security researchers targeted with new malware via job offers on LinkedIn
- 5. Microsoft March Patch Tuesday fixes two zero-day bugs
- 6. Microsoft fixes Outlook zero-day used by Russian hackers since April 2022
- 7. Microsoft fixes Windows zero-day exploited in ransomware attacks
