Instead of Increased Cybersecurity, Could We Just Order Less Risk?
Welcome to this week's newsletter!
On this week's episode of CISO Series Podcast, we examine the importance of cybersecurity awareness from executives to cybersecurity insurance companies.
Cyber Security Headlines you need to know include senior EU officials being hit with NSO Group spyware, an autonomous car cruises past cops, and Atlassian says outage could go on for weeks.
And Super Cyber Friday takes a break for the next 2 weeks, but we will return on April 29th with "Hacking the SOC (Security Operations Center)."
CISO Series Podcast
"Instead of Increased Cybersecurity, Could We Just Order Less Risk?"
Mike Johnson and I welcome guest Tom Doughty, vp and CISO, Prudential Financial, to discuss:
How do you discuss cybersecurity with executives who don’t care about cybersecurity?
Does cybersecurity insurance help motivate better cybersecurity awareness?
Why are we still struggling with cybersecurity hiring?
What does a great day in information security look like?
Thanks to our podcast sponsor, CYREBRO
Best advice for a CISO
"Avoid optimism bias. I think optimism bias whereby you expect great outcomes and are therefore more likely to achieve them is a wonderful thing in life but a horrible thing in a cyber security program. So, what we really need is CISOs to make sure that we’re exhausting all the reasons reasonably why we might not be okay as opposed to rationalizing all the reasons why we might be." --Tom Doughty, vp and CISO, Prudential Financial
We have full transcripts of all our podcast episodes. Plus, on your podcast player, we have chapter markers for all the segments. Read the transcripts or skip to your favorite segment.
Overheard on Defense in Depth
"It’s really vulnerability management or exposure management. What you’re doing with this patching, you’re essentially addressing a vulnerability. You’re not patching. Patching–the act of modifying the code to solve a potential defect. In this case, you’re not doing any of that so this is a vulnerability mitigation....I mean, the term, I understand it’s used. It’s used the same way as Attack Surface Management and a lot of others. So, it’s a great concept, it’s been around for quite some time." --Ody Lupescu, CISO, Ethos Life
Cyber Security Headlines
Top headlines for Tuesday, April 12, 2022:
Senior EU officials hit with NSO Group Spyware
Autonomous car cruises past cops
Atlassian says outage could go on for weeks
Our LIVE "Week In Review" for Cyber Security Headlines will be on break for the next two weeks, but we will return on Friday, April 29, 2022 at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. HAPPY SPRING BREAK!
Thanks to our Cyber Security Headlines sponsor, Code42
Super Cyber Fridays!
We're off for the next two weeks. Join us Friday [04-29-22] for "Hacking the SOC"
We're taking a break for a couple of weeks, and we'll be back on April 29th, 2022 for "Hacking the SOC (Security Operations Center): An hour of critical thinking about what keeps SOC employees motivated."
It all begins at 1 PM ET/10 AM PT with guests Eoin Hinchy, CEO and co-founder, Tines, and Erik Bloch, senior director, detection and response, Sprinklr. We'll have fun conversation and games, plus at the end of the hour (2 PM ET/11 AM PT) we'll do our meetup.