06-18-20 - We'll Find the Cybersecurity Budget Once We're Breached
This week's episode of Defense in Depth
Security Budgets
On this episode of Defense in Depth:
Co-host Allan Alford and guest Yaron Levi, CISO, Blue Cross and Blue Shield of Kansas City, discussed:
The general consensus among the community is that cybersecurity is a "spend it now or spend more later" decision.
While everyone wants to find a metric to determine how much to spend on cybersecurity, there doesn't seem to be any that are useful.
The CISO's job is to provide data about risks so the business can make the decision about cybersecurity spending.
Most assume that after a breach there's more cybersecurity budget, but what you get first is cooperation.
Look at security as a market differentiator. What if you could withstand a cyber attack but your competition couldn't? Or possibly you could deliver a higher level of reliability to your customers. How would your business be perceived by the market?
A business impact analysis calculator can help you understand your risk levels. Allan Alford has one on his site.
Many felt the biggest cost to a company suffering a breach isn't loss of data or the regulatory fines, but the damage to the company brand.
The cost of proactive protection always beats the cost of suffering a data breach.
One listener recommended that MBA programs should have a breach case study as part of their curriculum.
Thanks to this week's sponsor of Defense in Depth, IronNet Cybersecurity.
To combat sophisticated cyber threats, companies are increasingly adopting collective defense strategies to actively share intelligence with peer organizations to improve the detection capabilities of the collective. Through faster sharing of behavioral analytics, signature-based, and human threat insights, organizations can more effectively spot malicious activity and reduce attacker dwell time. More on
.
Upcoming CISO Series Video Chats
TOMORROW! Friday [6-19-20] Hacking API Security
Featuring Nir Valtman, vp, head of product & data security at Finastra and Roey Eliyahu, co-founder & CEO, Salt Security.
Huge thanks to our sponsor, Salt Security.
Next Friday [6-26-20] Hacking Tool Optimization
Featuring Chris Kennedy, CISO, AttackIQ and Craig Goodwin, chief trust & risk officer, Fujitsu.
Huge thanks to our sponsor, AttackIQ.
All chats start at 10 AM PT/1 PM ET on Fridays.
Best Moments from "Hacking Rogue IT" Video Chat
Here are the highlights from “Hacking Rogue IT” Video Chat. To watch the full video and read the chat go here.
This video chat features me, Joey Johnson, CISO, Premise Health, and Anahi Santiago, CISO, ChristianaCare. Check out the post for the best bad ideas and the best quotes from our chatroom.
Don't miss our next video chat. They happen every Friday at 10 AM Pacific.
Join us for a special THURSDAY (6-25-20) edition of CISO Series Video Chat
We're producing a special episode of our video chat during Living Security's full day virtual conference, Breaking Security Awareness. Our session starts at 12:05 PM PT/3:05 PM ET and we're going to run it just like all of our Friday video chats. Anyone can appear on camera, there will be heavy discussion in the chat room, and we'll be playing "Department of YES" (formerly called "Best Bad Ideas") where our guests will have to argue why these horrible ideas are really truly fantastic. And I'm super excited to have as my guests Manju Mude, sr. security leader, Paranoids, Verizon Media and Christopher Hadnagy, CEO, Social-Engineer.org. Register for the full day event. It's free.
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.