Business Security Weekly Subscribe

Compliance Management, Security Staff Acquisition & Development

Where is the Human in Your Risk Management Program? – Ashley Rose – BSW #309

June 12, 2023

The Gartner definition of integrated risk management is a set of practices and processes supported by a risk-aware culture and enabling technologies, that improves decision making and performance through an integrated view of how well an organization manages its unique set of risks.

Enterprises typically have a broad coverage of the risks that face the business including cybersecurity risk, however, its 2023 and after more than a decade of requiring training compliance for our people, the Verizon DBIR reports this year that 74% of breaches involved human error. It's clear that compliance is not the answer for where to include the human in an IRM strategy, so what's next?

This segment is sponsored by Living Security. Visit https://securityweekly.com/livingsecurity to learn more about them!

Sponsored By

Living Security

Full episode and show notes

Announcements

Join our cybersecurity community on Discord! Connect directly with our expert hosts, join discussions with fellow audience members, and customize your notifications to receive alerts every time an episode of your favorite show publishes. Get your invite at securityweekly.com/discord!

Guest

CEO at Living Security

As the CEO and Co-founder of Living Security, Ashley Rose is the driving force behind Living Security’s push to lead the Human Risk Management industry. She has successfully raised more than $25 million in funding to scale the business, pivoted the company from solely in-person training to a fully digital platform, and has led the company to be named an industry leader in the Forrester Wave. She is a serial entrepreneur with experience designing and managing product lines. She co-founded Living Security based on the philosophy that empowering people is the best approach to lasting security behavior changes and breach prevention. She is an industry thought leader, sharing her unique perspective on the evolution of cybersecurity with various publications including Forbes, TechRepublic, Darkreading, Security Magazine, CyberWire and Cybersecurity Ventures.

Hosts

Chief Product Officer at CyberSaint

Independent Consultant & CISO

Jason Albuquerque

Chief Operating Officer at Envision Technologies

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

http://darkelement.io/

Related

Governance, Risk and Compliance

The Top-Down Approach in Cybersecurity and Compliance Isn’t Working – What’s Next? – Justin Beals – ESW #384

November 14, 2024

Naturally, the next approach to try is a federated one. How do we break down cybersecurity into more bite-sized components? How do we alleviate all this CISO stress we've heard about, and make their job seem less impossible than it does today? This will be a more standards and GRC focused discussion, covering: the reasons why cross-walking doesn...

Governance, Risk and Compliance

Driving the Business of Infosec Through the GRC Program – Greg Bee – CSP #185

July 30, 2024

Join us as we discuss the organization’s GRC program and how GRC helps drive the business of information security from internal and external perspectives to integrate security into the culture, while maintaining compliance with regulations imposed for insurance and public companies. Segment Resources: Webcast: https://www.scworld.com/cybercast/th...

Compliance Management

What does DoD’s CMMC Requirement Mean for American Businesses – Edward Tuorinsky – BSW #347

April 22, 2024

Since 2016, we been hearing about the impending impact of CMMC. But so far, it's only been words. That looks to be changing. Edward Tourinsky, Founder & Managing Principal at DTS, joins Business Security Weekly to discuss the coming impact of CMMC v3. Edward will cover: The background of CMMC Standardization of CMMC CMMC v3 changes and im...