In this podcast interview, the speaker will provide a key overview of the build vs buy decision behind Ballard Spahr's new AI tool "Ask Ellis." In addition, we will discuss what initial work they had to do with clients if they are using any of their client documents for fine-tuning or RAG-style solutions. Finally, we will highlight the three assistants: the chat, draft and analyze features. Moderator: Chris Hockey, Manager, Information Risk & Governance, Alvarez & Marsal. Speaker: Lisa Mayo Haynes, Director of Technology Innovation, Ballard Spahr LLP.
You can't manage what you can't measure. That's the idea behind a professional association known as the FAIR Institute. FAIR stands for Factor Analysis of Information Risk. The group seeks to advance quantitative measurement and management of risk to information, including in federal organizations. To learn more about what information keepers need to know, Federal Drive Host Tom Temin spoke with the founder of the FAIR Institute, Nick Sanna.
Managing a farm can be tough, especially when you add in the need for financial reporting. With the right guidance and support, you can easily master the art of financial management and take your farm to new heights. To enjoy a 6-month, 30% discount on your QBO subscription, use this link: https://quickbooks.grsm.io/sucjvmft2ywd
In this podcast edition, Tyler Britton, Cyber Risk Manager at Dropbox, joins Matthew Davies, VP of Product at SureCloud, to discuss Factor Analysis of Information Risk methodology and how he has embedded it in his organization, Dropbox. He explains his role as a Quantitative Cyber Risk Manager and goes through the challenges and benefits of implementing Factor Analysis of Information Risk (FAIR) methodology in organizations.
From September 6, 2022 - Donna Gallaher, President and CEO of New Oceans Enterprises, LLC, is a seasoned IT and information security pro providing virtual CISO and risk management services. She is a FAIR (Factor Analysis of Information Risk) evangelist and is passionate about growing the virtual CISO community, including serving on the Board of Directors for vCISO Catalyst, a Public Benefit Corporation supporting the improvement of cybersecurity programs of small and medium businesses. If you have never heard of FAIR or are interested in the virtual CISO field (or both), check out this episode! New Oceans Enterprises, LLC - https://www.newoceansenterprises.com/
On this edition of Security Bytes Jim talks to Sharon Mudd, a senior cybersecurity operations researcher with CERT Division at the Software Engineering Institute. In a world where technology is at the center of evaluating cyber risks, the human factor arguably contributes greatly, but how are we measuring and improving?
It was a pleasure to host Praj this time around. Praj is the Cyber Risk & Compliance director at Horizon Media. We've spoken about so many things, from people skills to the importance of certification to negotiation techniques with vendors. Tune in to learn more.
Donna Gallaher, President and CEO of New Oceans Enterprises, LLC, is a seasoned IT and information security pro providing virtual CISO and risk management services. She is a FAIR (Factor Analysis of Information Risk) evangelist and is passionate about growing the virtual CISO community, including serving on the Board of Directors for vCISO Catalyst, a Public Benefit Corporation supporting the improvement of cybersecurity programs of small and medium businesses. If you have never heard of FAIR or are interested in the virtual CISO field (or both), check out this episode! New Oceans Enterprises, LLC - https://www.newoceansenterprises.com/
Information risk analysts conduct objective, fact-based risk assessments on existing and new systems and technologies, and communicate findings to all stakeholders within the information system. They also identify opportunities to improve the risk posture of the organization and continuously monitor risk tolerance. Learn more: https://www.infosecinstitute.com/skills/train-for-your-role/information-risk-analyst/ Timestamps: 0:00 - Information risk analyst career; 0:30 - Day-to-day tasks of an information risk analyst; 2:09 - How to become an information risk analyst; 4:00 - Training for an information risk analyst role; 5:42 - Skills an information risk analyst needs; 9:24 - Tools information risk analysts use; 10:51 - Jobs for information risk analysts; 13:08 - Other jobs information risk analysts can do; 18:05 - First steps to becoming an information risk analyst. About Infosec: Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It's our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
This week we are joined by Mimecast's Regional CISO for APAC, Mark O'Hare, who shines a light on the three common CISO persona types (the technical, the compliance, and the risk focused), their trademark strengths and how these personas can influence an organisation. We also discuss how and why MITRE ATT&CK Framework is useful and the utility of FAIR or Factor Analysis of Information Risk - including its strengths and where it falls short.
In our 31 July 2021 Episode 42, Risky Business, we covered the basics of risk and risk assessment. This part 2 episode gets into the practical application of risk management using the FAIR model, or Factor Analysis of Information Risk. We explain key risk terminology and walk through examples of how to express risk using this model, as well as creating a meaningful, actionable way to explain risk to executives. Resources: Risk Matrix Example; One Page FAIR Model; Measuring & Managing Information Risk; FAIR Wiki.
Introducing the audio edition of our teissTalk series. Each week we dive into the latest cyber security news with our expert panel and then deep dive into an issue that is vital to the cyber security industry. On this episode: Turning security into a business enabler for your “internal customers”; Translating the Board and organisation's priorities into budgeted security developments; Are InfoSec Leaders guilty of inflating the cyber threat in order to win budget? Host: Jenny Radcliffe. Jenny Radcliffe, also known as “The People Hacker,” is a world renowned Social Engineer, hired to bypass security systems through a no-tech mixture of psychology, con-artistry, cunning and guile. Guests: Lee Whatford, Chief Information Security Officer, Domino's Pizza. An outcome focussed Information Risk and Security Leader with more than two decades of experience in strategic, operational, advisory and technical leadership roles for blue-chip organisations across multiple sectors. Matt Hardy, Chief Information Security Officer, OMNIO. Security leader with 20+ years of directing international security programmes for multi-billion pound organisations, who has led teams of security experts for Three Ireland, Synthomer PLC, IntelliQA, Huawei, BT, and other large organisations. Garry Scobie, Deputy Chief Information Security Officer, The University of Edinburgh. A Certified Information Systems Security Professional and ITIL Expert who regularly presents on computer security, including sessions on: Ransomware, Mobile Security and Cyber in the Movies. Attend a live teissTalk, for free, by visiting https://www.teiss.co.uk/talk/
Introducing the audio edition of our teissTalk series. Each week we dive into the latest cybersecurity news with our expert panel and then a deep dive into an issue that is vital to the cybersecurity industry. On this episode: Orchestrating your cyber incident response for a 2021 hybrid workforce; Reducing inefficiencies and scaling the work of your security analysts; Extended Detection and Response – allocating resource and budget to create a strong defence in depth strategy. Host: Geoff White. Investigative journalist Geoff White has covered technology for BBC News, Channel 4 News, Audible, Forbes online and many others. Guests: Vicki Gavin, Head of Information Security & Compliance, Kaplan International. Previously CISO at The Economist and Head of Business Continuity, Information Risk & Business Risk at Barclaycard, Vicki is considered an industry expert on Cyber Security. Vicki was awarded Cyber Security Woman of the Year, 2015 and Security Serious Unsung Hero Awards, Marathon (Wo)man, 2016. Nenad Milisavljevic, Global Chief Information Security Officer, United Group B.V. An educated and qualified Information Security professional with wide experience in Information Security, IT/IS audits and Risk management. Israel Barak, Chief Security Officer, Cybereason. Israel Barak, CISO, is a cyber defense and warfare expert, with his extensive background established at the Israeli Defense Forces and the Government of Israel. Attend a live teissTalk, for free, by visiting https://www.teiss.co.uk/talk/
There are many continuing-education options in the security field. Especially for career changers moving into IT, it is not always easy to find the right path. Martina Dalla Vecchia is a professor at the Fachhochschule Nordwestschweiz FHNW and knows the field very well. Andreas Wisler talks with her about the continuing-education options, and also about the CAS Cybersecurity & Information Risk Management.
In the fourth episode of season two, co-hosts Bill Mariano and Rob Hellewell begin with Sightings of Radical Brilliance and the recent trend of folks moving away from email and towards text and chat tools. They dive into the diverse challenges and risks associated with this shift. Next, Bill and Rob introduce their guest speaker, David Kessler, Head of Data and Information Risk, United States, at Norton Rose Fulbright US LLP, to discuss cybersecurity challenges across the various stages of the EDRM. In this episode they ask the following key questions to David: What does a high-level overview of data security look like today? Who does this affect? Where are vulnerabilities within the EDRM? What are some key solutions for overcoming top challenges? In the end, our co-hosts wrap up with a few key takeaways. Related links: Blog Post: Illuminations Panel – Cybersecurity and Reporting Tips to Remember; Blog Post: How to Minimize Your Sensitive Data Footprint Prior to eDiscovery. About Law & Candor: Law & Candor is a podcast wholly devoted to pursuing the legal technology revolution. Co-hosts Bill Mariano and Rob Hellewell explore the impacts and possibilities that new technology is creating by streamlining workflows for ediscovery, compliance, and information governance.
I know you've heard me about my decision NOT to go into the Information Risk route, so why the change? To be honest, I need to stay relevant somehow in the ever changing landscape of technology. You've heard about organizational change and the like, so I need to ensure I stay relevant. I'm giving you some resources for preparing for this certification exam. Won't you join me on this journey?
On today’s show, host Chris Gorog speaks with the Former Chief Security and Privacy Officer at Intel, Malcolm Harkins. Malcolm tells us how he got into cyber-security and put 24 years into Intel and another 4 into a start-up company called Silence Corporation. With his background in the industry, Malcolm breaks down the difference between a CIO and CISO, explaining how most CISOs report to CIOs inside a company. He also speaks on how he believes Information Risk is permeating every aspect of an organization and creating social risks and ethical and moral dilemmas on how you use technology in a business/corporation. Malcolm breaks down how he thinks both the roles of CIOs and CISOs will grow and develop as people become more aware of the benefits of cyber-security in their businesses. Listen as Malcolm explains the importance of trust in the security industry and how most companies will base finding it on two things: confidence and character.
Terry Mason is the Head of Information Risk & Technology Governance at a global multi-strategy hedge fund with 15+ years of experience in information security, technology governance, technology infrastructure, and project management. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode86 Visit http://securityweekly.com/category/ssw for all the latest episodes!
In this episode: Feature interview with Genevieve Southwick - aka Bana Sidhe (pronounced Banshee) - Denver's wrangler of security conferences. Also news from Palo Alto Networks, Secure64, Swimlane and Automox. Full show notes: https://www.colorado-security.com/news/2017/7/15/24-717-show-notes Girl Scouts - selling cookies, camping and... hacking computers? The weather isn't the only thing heating up in Colorado. Tons of new meetings posted this week, and a lot of great news. Funding for a Denver home automation company, a new CISO of the year award is posted, new cybersecurity rules for investment advisors and broker-dealers in Colorado, a new board member for Secure64, Swimlane wins an award, and a local company explains the CVE system. And my favorite... Palo Alto Networks is working with the Girl Scouts to create cybersecurity badges. What a great world we live in. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. We're continually working to improve the show, and appreciate the feedback we get from our listeners. If you discover any audio issues, or have suggestions for our format, let us know. This week's episode is available on Soundcloud, iTunes and the Google Play store. Reach out with any questions or comments to info@colorado-security.com Feature interview: Genevieve Southwick is one of the most colorful and fun characters in the Colorado security community. Known online as Bana Sidhe (pronounced Banshee), Gen has been responsible for helping organize Denver BSides, Las Vegas BSides, and a number of other security conferences over the last decade. In this conversation we learn how Gen's career at the Renaissance Faire turned into a security career. BSides - Proving Grounds. Denver City Sec. Local security news: Why go into the office? Denver area embraces telecommuting; Josh.ai - Denver home automation startup raises 8m; Apex Awards - CISO of the year award is up now!; Colorado Division of Securities Adopts Final Cybersecurity Rule; Palo Alto and Girl Scout team up on security badges; Cyber Security Expert Dan Massey Joins the Secure64 Executive Team; Swimlane named "breakout vendor" by Forrester; Automox Blog - CVE System Explained. Job Openings: Gates - Director of Information Risk & Security; Connect for Health Colorado - Security Analyst; ProtectWise - Malware Analyst, Threat Researcher; Coalfire - Sr Security Consultant, Penetration Tester; Red Canary - Security Operations Center Analyst; Webroot - Advanced Malware Threat Research Engineer; Ping Identity - GRC Analyst. Upcoming Events: This Week and Next: OWASP - July meeting - 7/19; NCC - Cyber Center Charrette 2017 - 7/19-21; DenverSec - Meetup - 7/20; ISC2 Denver - CISSP - ISSEP Presentation - 7/20; ISSA COS - Mini Seminar - 7/22; NCC - Air Force Association's CyberPatriot CyberCamp - 7/24-28; SecureSet - Capture the flag - 7/28; ISSA COS - CISSP Exam Prep - 7/29. Other Notable Upcoming Events: 7th Annual Cyber Security Training & Technology Forum - 8/30-31; NCC - Governor's Cyber Symposium - 11/1-3; CTA - APEX Awards - 11/8. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him at carrrladams@gmail.com. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0
Christopher Wright, author of 'Fundamentals of Information Risk Management Auditing', sits down with us and talks about his book. Buy this book here: https://www.itgovernance.co.uk/shop/product/fundamentals-of-information-risk-management-auditing
I spoke with Jessica Block, a Senior Managing Director and leader of the data governance practice at Ankura Consulting Group, a business advisory and expert services firm. We discussed the rise of cyber incidents and how data governance can influence prevention strategies in law firms and legal departments, advice for companies struggling to manage information risk, and key areas on which to focus, among other topics.
Listen to the full Managing & Mitigating 3rd Party Information Risk in the Connected Enterprise keynote session from 1.00pm Thursday 9th June at #infosec16
Jack Freund, the guest of my latest podcast, is the co-author of a book with Jack Jones on quantifying risk (Measuring and Managing Information Risk: A FAIR Approach). This book was inducted into the Cybersecurity Canon in 2016. The Cyber Security Canon is a Hall of Fame for IT Security books. The founder Rick Howard has been a previous guest on this podcast. Some of the links that I really like from this episode are Jack’s presentation called “Assessing Quality in Cyber Risk Forecasting”, his most recent article in the ISSA Journal that I love called “Using Data Breach Reports to Assess Risk Analysis Quality”. You will be able to find all links and show notes at redzonetech.net/podcast This episode is sponsored by the CIO Scoreboard Major take-aways from this episode are: 1. Elevate Your IT Security Risk Communication Game using Data Breach reports to Inspire Action in the Business 2. How to use Risk Data so that the business becomes more comfortable with uncertainty 3. New Refreshing perspectives on presenting IT Security Risk to the business 4. Predicting and Forecasting likelihood and frequency of events happening into your risk analysis 5. How to Use External Data Breach Sources of competitors and non-competitors to build your risk cases. About Jack Dr. Jack Freund is a leading voice in Information Risk measurement and management with experience across many industry segments. His corporate experience includes spearheading strategic shifts in IT Risk by leading his staff in executing multimillion dollar efforts in cooperation with other risk and control groups. Jack has been awarded a Doctorate in Information Systems, Masters in Telecom and Project Management, and a BS in CIS. He holds the CISSP, CISA, CISM, CRISC, CIPP, and PMP designations. Jack's academic credentials include being named a Senior Member of the ISSA, IEEE, and ACM, a Visiting Professor, and an Academic Advisory Board member. 
Key Resources: Jack’s personal blog and website The Risk Doctor. Books/Publications: Jack’s book Measuring and Managing Information Risk: A FAIR Approach, inducted into the Cyber Security Canon Hall of Fame – Books every cyber security professional should read; ISSA Journal Article, Feb 2016, that has links to important external data sources for risk analysis (see page 21); Assessing Quality in Cyber Risk Forecasting Presentation; Article in ISACA “Cloudy with a chance of risk”. Credits: Outro music provided by Ben’s Sound.
Christopher Wright, author of 'Fundamentals Of Information Risk Management Auditing' talks to us about his book and why he wrote it.
Christina started as a server administrator. But over the years, she found her way into information security, now serving as VP of Technology and Information Risk at Morgan Stanley. She talks to us about the vast world of security, why CodeNewbies should care about security even as developers, and how she’s navigated her own coding journey. Show Links Digital Ocean (sponsor) MongoDB (sponsor) Heroku (sponsor) TwilioQuest (sponsor) Github Server Administration General Assembly Rebecca Garcia Interview ASP.NET Visual Basic Active Directory Annyce Davis Interview Codeland Conf Codeland 2019
In this podcast, Sr. Director of Product Marketing Mathew Lodge provides an overview of Symantec’s new Information Risk Management Strategy, and talks about the three new products that make up the cornerstone of the new strategy. For more information, visit the business section at: www.symantec.com