Enterprise Security Weekly Subscribe

Governance, Risk and Compliance, Compliance Management, AI benefits/risks

The Top-Down Approach in Cybersecurity and Compliance Isn’t Working – What’s Next? – Justin Beals – ESW #384

November 14, 2024

Naturally, the next approach to try is a federated one. How do we break down cybersecurity into more bite-sized components? How do we alleviate all this CISO stress we've heard about, and make their job seem less impossible than it does today?

This will be a more standards and GRC focused discussion, covering:

the reasons why cross-walking doesn't work
the reasons why traditional TPRM approaches (e.g. questionnaires) don't work
opportunities for AI to help
risk management or sales support?

Full episode and show notes

Guest

CEO and Founder at Strike Graph

Justin Beals, with a background in AI, cybersecurity, and governance, founded Strike Graph to simplify cybersecurity audits and certifications. He likes making arcane cybersecurity standards plain and simple to achieve.

Hosts

Adrian Sanabria

Principal Researcher at The Defenders Initiative

https://adriansanabria.com

Katie Teitler-Santullo

Product Marketer and Content Strategist at OX Security

Related

Governance, Risk and Compliance

Cybersecurity Budgets: the Journey from Reactive to Proactive – Theresa Lanowitz – ESW #383

November 7, 2024

CISOs struggle more with reactive budgets than CIOs or CTOs. It's not that part of the CISO's budget shouldn't be reactive, it's certainly necessary to an extent. The problem is when proactive measures suffer as a result. In this interview, we'll discuss some of the causes behind this and some strategies for breaking out of this loop. This segment...

Security Program Controls/Technologies

Cyber Security Awareness for Election and Poll Workers – Kirsten Davies – ESW #381

October 24, 2024

The vast majority of the folks working polls and elections are volunteers. This creates a significant training challenge. Not only do they have to learn how to perform a complex and potentially stressful job in a short amount of time (most training is one day or less), cybersecurity-related concerns are usually not included for individual poll loca...

Risk Assessments/Management

Aligning Tech Execs on Cyber Resilience – Theresa Lanowitz – BSW #369

October 21, 2024

Getting C-Suite execs aligned on cyber resilience and cybersecurity can be a challenge. LevelBlue's recent Futures™️ report sought to uncover the barriers that prevent companies from achieving cyber resilience in the enterprise today. The report not only surveyed C-Suite execs (CIOs, CTOs, and CISOs), but non-C-Suite leaders from engineering and ar...