Podcasts about jerich beason

All links and images for this episode can be found on CISO Series. Check out this post from Jerich Beason, CISO at WM, for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Dan Walsh, CISO, Datavant. Joining us is Rinki Sethi, vp and CISO, BILL. In this episode: You need a solid foundation A lot depends on the role Underappreciated skills Structures and frameworks Huge thanks to our sponsor, Recorded Future Every day, security teams face an impossible challenge: sorting through millions of threats, each potentially critical. But somewhere in that noise are the signals you can't afford to miss. Recorded Future's gives you the power to outpace AI-driven threats through intelligence tuned specifically to your needs, enabling you to act with precision. Their advanced AI detects patterns human eyes might miss, while their experts provide context that machines alone cannot. Visit recordedfuture.com to learn more about securing what matters to your business.

What's the key to mitigating unseen cyber risks? In this episode, Wes Wright, Chief Healthcare Officer at Ordr and Jerich Beason, CISO at WM uncover the complexities of attack surface management (ASM) and its impact on cybersecurity.  Together with Ron, they explain what constitutes an attack surface and introduce practical frameworks like See-Know-Secure, emphasizing the need for complete visibility and data-driven risk mitigation.  Impactful Moment: 00:00 - Introduction 03:00 - Defining attack surface management 06:13 - See-Know-Secure framework  09:05 - Analogies for explaining ASM to stakeholders 15:33 - Building an inventory for asset visibility 20:42 - Convincing leadership: Budget strategies 25:00 - Tools and methodologies for ASM 36:57 - Managed services vs. in-house approaches 43:00 - Starting your ASM journey   Links: Connect with our guests – Wes Wright: https://www.linkedin.com/in/4kidwes/ Jerich Beason: https://www.linkedin.com/in/jerich-beason/ Learn more about Ordr: https://ordr.net/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/  

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Jerich Beason, CISO, WM. Joining us is Teresa Tonthat, vp, associate CIO, Texas Children's Hospital. This episode was recorded live at HOU.SEC.CON. In this episode: Connecting with the business   Keep the users in mind Ground security in reality Teach, don't shame Thanks to our podcast sponsor, Vorlon Security! Vorlon helps organizations take back control of their data by providing continuous visibility of sensitive data shared via API across third-party applications. Know what data goes where, when, and how between third-party apps with external threat intelligence. Reduce the complexity of investigating and responding to third-party security incidents with Vorlon.

Episode SummaryIn this episode, Jerich Beason, CISO at WM, joins the show to discuss becoming a CISO. Before joining WM, Jerich served in various roles at Lockheed Martin, RSA, Capital One, AECOM, and Deloitte.Jerich talks about how he tailored his roles throughout his career, learning communication soft skills and his passion for sharing with others. Hear about how AI affects leadership, how Jerich would change the cybersecurity industry, and the true value of vendors (it's positive!).Timestamp Segments·       [02:51] When Jerich knew he wanted to be a CISO.·       [04:52] Tailoring the roles.·       [06:02] What is Jerich most proud of?·       [07:17] Jerich's best advice.·       [13:22] Transitioning away from geek-speak.·       [17:29] When Jerich developed the passion.·       [20:28] The PRIME framework.·       [25:20] What should be talked about with AI?·       [29:09] What would Jerich change about the cybersecurity industry?·       [30:33] Hiring the right people.·       [33:37] How Jerich stays sharp.·       [35:06] The value of vendors. Notable Quotes·       “Not every issue warrants a ‘sky is falling' alert.”·       “When it comes time to leave, leave a legend.”·       “We don't exist without vendors.” Relevant LinksWebsite:          www.wm.comLinkedIn:         Jerich BeasonSecure applications from code to cloud. Prisma Cloud, the most complete cloud-native application protection platform (CNAPP).Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.

Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jerich Beason, CISO, WM Thanks to our show sponsor, Savvy Security Shadow identities on SaaS apps are growing unchecked, rapidly expanding an attack surface where businesses have little-to-no visibility or control. Savvy helps security teams safely embrace SaaS benefits by automating the discovery and removal of the most toxic combinations of SaaS identity risk. Savvy's automation playbooks and just-in-time security guardrails guide users at scale towards proper identity hygiene. That's Savvy—Identity-First SaaS Security.  Learn more at savvy.security/headlines.  All links and the video of this episode can be found on CISO Series.com

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our guest, Jerich Beason, CISO, WM. In this episode: Does generative AI come with a new set of risks? How can we address these risks to take advantage of its benefits? How do we approach a much desired technology we're not so sure how we should secure? How can we take what we've learned from past technological advances and apply it to mitigate risks with generative AI? Thanks to our podcast sponsor, SpyCloud Get ahead of ransomware attacks by acting on a common precursor: infostealer malware. SpyCloud recaptures what's stolen from infostealer-infected systems, and alerts your team to take action before compromised authentication data can be used by criminals to target your business. Get our latest research and check your malware exposure at spycloud.com/ciso.

All links and images for this episode can be found on CISO Series The cybersecurity sales process is so terribly inefficient. And everyone, the targets and cybersecurity leaders, are losing valuable time because of that inefficiency. Where can we start making improvements? Check out this post for the discussion that's the basis for this podcast episode. This week's Defense in Depth is hosted by me, David Spark (@dspark), producer, CISO Series. Our guest co-host is John Overbaugh, CISO, ASG. John and I welcome our guest, Jerich Beason (@blanketsec), commercial CISO, Capital One. Thanks to our podcast sponsor, Compyl GRC solutions often cause process roadblocks within organizations. They are either antiquated and lack the functionality needed or so stripped down they can't fix the problems you set to solve. That's why the team over at Compyl created the all-in-one security and compliance automation platform. Compyl quickly integrates with the tools you use, and automates 85% of the day-to-day tasks, all while providing complete transparency and comprehensive reporting along the way. Start your free trial with Compyl today and see all the efficiency gains you can expect from a leading solution. Learn about Compyl today at www.compyl.com/getstarted. In this episode:  Why is the cybersecurity sales process so terribly inefficient? Where can we start making improvements? What could be done to improve the efficiency? What is the solution to removing wasted effort and time?

Cyber law expert, attorney, and SANS instructor, Ben Wright joins hosts Jerich Beason & Whitney McCollum to discuss a variety of topics, including Ben's career path into cyber law and teaching, the pros and cons of having a cyber whistleblower, and the importance of the investigation and knowledge of the impacted company. We talked about the need for cyber security education for all lawyers, how cyber risk should be foundational to legal training and education, and how that could be implemented.  As a lawyer working in the field for decades, Ben explores with us why knowledge of cyber risk is important for lawyers not only to protect client data, but also for advising clients? Who gets access to your firm's information systems? What are the laws and implications around those systems? Should CLE credits on cyber topics be required?   Ben also offers his tips on managing the possibility of cyber whistleblowers within an enterprise and having a process in place to effectively manage internal reporting of concerns. Do limited resources and shortage of talent contribute to whistleblowing? What affect does the social and digital media landscape have on the motivations of whistleblowers?  Learn all this and more in today's episode.  Links from this show: Bloomberg Law "Analysis: Mandatory Cybersecurity CLE Credits – At a Bar Near You” https://news.bloomberglaw.com/bloomberg-law-analysis/analysis-mandatory-cybersecurity-cle-credits-at-a-bar-near-you   Wall Street Journal “Cybersecurity Whistleblowers are Growing Corporate Challenge” https://www.wsj.com/articles/cybersecurity-whistleblowers-are-growing-corporate-challenge-1526403513?tesla=y   Note: “The statements of the guest speakers and hosts in this podcast should not be construed as legal advice.  They represent their views only and not those of Epiq or their respective employers.” BIOGRAPHY Attorney Benjamin Wright helps others navigate the law of technology.  He teaches the class Law of Data Security and Investigations for SANS Institute, the premier authority for training information security professionals and digital forensics experts. That 5-day boot camp is unique in the world. It trains professionals on how to manage cyber law risk across the globe. Wright advises clients -- in the US and throughout the world -- on privacy, e-discovery, data breaches, online contracting, technology contracts, active defense, forensic investigations, and cyber security policies. Ben helps tech professional firms write engagement contracts, and otherwise manage their legal liability and right to be paid. Such firms include QSAs, auditors, penetration testers, and forensic investigators. Ben is spotlighted in the book "The Devil Inside the Beltway" for his uncommonly insightful advice to LabMD in its now famous information security law dispute. Wright is the author of the book "The Law of Electronic Commerce" (Wolters Kluwer). Find us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com. 

All links and images for this episode can be found on CISO Series Learning cyber is not a question for those who are just starting out. It's for everybody. Where and how do we learn at every stage of our professional careers? Check out this post for the discussions that are the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Our guest is Jerich Beason, CISO, Commercial, Capital One. Thanks to our podcast sponsor, SlashNext SlashNext protects the modern workforce from phishing and human hacking across all digital channels. SlashNext Complete™ utilizes our patented AI SEER™ technology to detect zero-hour phishing threats by performing dynamic run-time analysis on billions of URLs a day through virtual browsers and machine learning. Take advantage of SlashNext's phishing defense services for email, browser, mobile, and API. In this episode: Where do we go to learn at every stage of our professional careers? We discuss how the learning process never really stops, but is on-going with cyber professionals continuing to learn throughout their careers. Why is the “know-it-all” leader a red flag to avoid?

Security expert, Roselle Safran, joins hosts Jerich Beason& Whitney McCollum have come together after realizing more people know more about “The Queen's Crown Jewels” than those that are vital to their company.  How do you determine which are those precious systems that are the bare minimum & mission-critical to operate, generate revenue, or contain the In some industries these could mean life or death.  Where do you invest most to protect the organization? The analogy is pondered – No one breaks into a bank to steal the posters.  These experts take a deep dive into what the legal team and board must know about the crown jewels of an organization.  Roselle explains how taking the manual processes, biases, and opinions out of the equation with technology that assesses what your crown jewels are is becoming important to large organizations that have many assets, revenue streams, and layered dependencies.  Once you know what your crown jewels are you can properly assess the risk, manage that risk, protect the crown jewels, and know where you must be most resilient.  What input should legal have on risk?  Who in the organization ultimately owns the risk? The CEO? The board? Who determines the risk appetite? Who communicates it down through the organization? Where does the CISO fall into ownership versus managing risk?  Learn about risk appetite, the tolerance of risk by leadership, and aligning acceptance of risks with business goals.  The conversation closes with a great thought, “Just like an investigator tracking down the bad guys, start where the money is and you will find the crown jewels.”Note: “The statements of the guest speakers and hosts in this podcast should not be construed as legal advice.  They represent their views only and not those of Epiq or their respective employers.” BIOGRAPHYRoselle Safran is the CEO and Founder of KeyCaliber, a technology startup that enables cybersecurity, risk, and infrastructure teams to identify their critical cyber assets automatically and continuously to effectively manage cyber risk and ensure cyber resilience. The first cybersecurity startup that she founded, Uplevel Security, was acquired by McAfee.  Before becoming an entrepreneur, Roselle spent a decade as a cybersecurity practitioner and leader. She led cybersecurity operations at the Executive Office of the President during the Obama Administration, directing tactical measures and strategic initiatives for protecting and defending the White House's network. Prior she managed analysis teams at the Department of Homeland Security's US-CERT. Roselle earned her Bachelor of Science in Engineering degree from Princeton University. Find us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

Privacy & Compliance expert from Microsoft, Ingrid Rodriguez, joins hosts Jerich Beason& Whitney McCollum to discuss taking risk out of silos. They talk about how the entire organization needs to have understanding of the enterprise risks.  Specifically, how does security & compliance fit into the enterprise risk framework?  What are the situational perspectives of the C-Suite and how can those perspectives drive compliance goals?  How can the CISO and legal work together and with the enterprise for compliance? They will also talk about risk appetite, the tolerance of risk by leadership, and aligning acceptance of risks with business goals.  How much and how often should you communicate risks and mitigation strategy?  Note: “The statements of the guest speakers and hosts in this podcast should not be construed as legal advice.  They represent their views only and not those of Epiq or their respective employers.”BIOGRAPHYIngrid is an Advanced Compliance Global Black Belt with Microsoft Security Solutions Area supporting the South, Southeast of the US, and LATAM regions. In her role, Ingrid shares her enterprising multinational information and security risk management executive experience, to help customers strategize within their Risk and Compliance obligations leveraging our solutions in Compliance, Information Protection, Privacy Management, and Insider Threat management capabilities. During her 18 years tenure in IT Risk & Compliance Leadership, Ingrid designed for an innovative Global Technology Risk Management Framework, as well as a vision for tactical implementation of technology and security controls by combining a variety of data security standards such as: NIST, ISO, PCI, HIPAA, FFIEC, GDPR, to mention a few. Ingrid designed and built the first Global Technology Risk Management programs in most of her previous employers. She lead, supported and guided over 45 countries to meet US and country-level compliance and privacy needs and well as Global Standards.  Ingrid is from Puerto Rico, based in Dallas, TX but soon relocating to beautiful Pensacola, FL. She is a frequent speaker on Risk Management and Compliance topics, in both languages English and Spanish, in many global, national and regional events including ISACA, Microsoft Executive Briefing Center, Fintech, Partners and many other associations and affiliations within the Privacy, Risk and Compliance industry in the US and LATAM.  Ingrid received a Bachelor's Degree in Computer Engineering from the University of Puerto Rico, and also holds a Master's Degree in Sciences, Computer Sciences from the University of Phoenix. She holds various industry certifications, including CRISC, CDPSE, ITIL among others. LinkedIn: https://www.linkedin.com/in/inrodz/ Find us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, May 16-20, is hosted by Rich Stroffolino with our guest, Jerich Beason, CISO, Commercial Bank, CapitalOne Thanks to today's episode sponsor, Torq All links and the video of this episode can be found on CISO Series.com      

Professor, Attorney and Expert in Cybersecurity Policy & Governance, Kevin Powers joins Jerich Beason & Whitney McCollum to discuss where the law stands on “Hacking Back”. Everyone at some point wants to be Batman. During this Cyberside Chat they will answer questions such as: Is it ok to do whatever it takes to protect data or is it like breaking back into a thief's house to steal your items back? What could go wrong? How does the Computer Fraud & Abuse Act apply? What are the civil and criminal ramifications to the company executives and board of directors? How do you advise as internal counsel or outside counsel on corporate vigilantism? Where should law and regulation go in regard to the ever-changing landscape of cyber threats? Kevin Powers also speaks about the need for legal professionals to learn cybersecurity law, the programs available, and how you can add CLE's on the subject.Articles & Links for Reference:https://www.justice.gov/jm/jm-9-48000-computer-fraudhttps://blog.malwarebytes.com/ransomware/2022/03/nvidia-the-ransomware-breach-with-some-plot-twists/https://www.wired.com/story/north-korea-hacker-internet-outage/Note: “The statements of the guest speakers and hosts in this podcast should not be construed as legal advice.  They represent their views only and not those of Epiq or their respective employers.”BIOGRAPHYProfessor Kevin R. Powers, J.D., Founder and Director, Master of Science in Cybersecurity Policy and Governance Programs, Boston College  Kevin is the founder and director of the Master of Science in Cybersecurity Policy and Governance Programs at Boston College, and an Assistant Professor of the Practice at Boston College Law School and in Boston College's Carroll School of Management's Business Law and Society Department. Along with his teaching at Boston College, Kevin is a Cybersecurity Research Affiliate at the MIT Sloan School of Management, and he has taught courses at the U.S. Naval Academy, where he was also the Deputy General Counsel to the Superintendent.   With over 20 years of combined cybersecurity, data privacy, business, law enforcement, military, national security, higher education, and teaching experience, he has worked as an analyst and an attorney for the U.S. Department of Justice, U.S. Navy, U.S. Department of Defense, law firms in Boston and Washington, D.C., and as the general counsel for an international software company based in Seattle, Washington. Kevin also is an expert witness and consultant with the Analysis Group and serves as a Director for the Board of Reading Cooperative Bank, a Trustee for the Board of Boston College High School, an Advisory Board Member for HYCU, Inc. (Backed by Bain Capital Ventures) and CyberSaint Security, and as a Member of the Boston College Law School Business Advisory Council. From 2016-2017, he was the Panel Lead for the Collegiate Working Group for the U.S. Department of Homeland Security's National Initiative for Cybersecurity Education (NICE). Kevin, a Navy Veteran, regularly provides expert commentary regarding cybersecurity and national security concerns for varying local, national, and international media outlets.Find us on LinkedIn or email us at cyberside@epiqglobal.com.

You hold a variety of roles, from advisor, podcast host, CISO and have a great industry presence. How do you juggle it all, and what drives you to do so much?You recently spoke about emotional intelligence; do you feel it is overlooked in tech and cyber?You speak a lot about leadership in Cybersecurity. What are some of the characteristics you think are the most important for the modern cyber leader?We know you often dive into Cloud security. You recently made some comments about SaaS Security Posture Management (SSPM). What is that and why do folks need it?Why do you feel that SaaS Security in general gets overlooked in the conversation on Cloud security?

Jerich Beason & Whitney McCollum speak on this Cyberside Chat to discuss the recent Merck & Co. cyber insurance win and how this impacts future wars fought with cyber weapons such as the conflict in Ukraine.  This case sets a precedent for how legal teams and cyber insurers will draft contracts in the future.  What defines war? Could a separatist group or terrorist attack be considered an act of war, or does it require a nation state? Should you worry about your third parties' diligence on their contracts? If your third party is attacked and you are collateral damage, how are you protected?  They discuss how insurance companies are providing less coverage but charging higher premiums all while expecting organizations to prove the maturity of their cybersecurity programs. Articles & Links for referencehttps://news.bloomberglaw.com/privacy-and-data-security/mercks-1-4-billion-insurance-win-splits-cyber-from-act-of-warhttps://www.bloomberglaw.com/public/desktop/document/MerckCoIncvsAceAmericanInsuranCeDocketNoL00268218NJSuperCtLawDivA?1646370280https://supreme.justia.com/cases/federal/us/263/487/ Jerich Beason  https://www.linkedin.com/in/jerich-beasonWhitney McCollum  https://www.linkedin.com/in/whitneymccollum

As the Chief Information Security Officer at Epiq, Jerich Beason is responsible for ensuring the security of the company's digital assets as well as transforming the Epiq cybersecurity program into a world-class industry leader. Jerich has spent his career building industry-leading cybersecurity programs to protect some of the nation's most sensitive assets.

In today's Cyber Security Matters episode, Dominic Vogel and Christian Redshaw are joined by Jerich Beason, Sr. Vice President, CISO at Epiq. Jerich is a security executive, public speaker, podcast host and a contributor on Forbes. He is an expert in information security management, vendor management, and vulnerability assessment.  During our conversation we will discuss: -How to translate cyber security into dollars and cents  -Why it's important for companies to invest in cyber security in their early stages  -Cyber security basics that organizations should start with -What a Chief Information Security Officer (CISO) can do for your organization Here is how you can connect with Jerich: -Website: www.epiqglobal.com -LinkedIn: @Jerich-Beason

Dr Zero Trust – Chase Cunningham creator of the Zero Trust eXtended Framework joins Jerich Beason & Whitney McCollum for today's Cyberside Chat to discuss the principles and types of technologies that support a zero trust architecture and whether you are negligent if you are not adopting a Zero Trust methodology.  While companies are concentrating on delivering the best service to their customers, they also need to begin ingraining what would be considered reasonable security measures into their processes. They discuss how Zero Trust means you implicitly trust no one, verify often , and make sure when the bad guys get in, they are segmented so they won't be successful in causing widespread damage. To conclude the show, they share both a CISOs and a lawyer's perspective on negligence in cyber and whether it can be proven in court.  Articles & Links for referencehttps://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdfhttps://www.cisco.com/c/dam/m/en_sg/solutions/security/pdfs/forrester-ztx.pdfhttps://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/ BIOGRAPHYChase Cunningham is the creator of the Zero Trust eXtended framework and a cybersecurity expert with decades of operational experience in NSA, US Navy, FBI Cyber, and other government mission groups, Chase is responsible for ZTEdge's overall strategy and technology alignment. Chase was previously VP and Principal Analyst at Forrester Research; Director of Threat Intelligence for Armor; Director of Cyber Analytics for Decisive Analytics; and Chief Cryptologic Technician, US Navy. He's author of the Cynja series and Cyber Warfare: Truth, Tactics, and Strategies. Dr Zero Trust Podcast - https://podcasts.apple.com/us/podcast/drzerotrust/id1570251081 Chase Cunningham  https://www.linkedin.com/in/dr-chase-cunningham-54b26243/Jerich Beason  https://www.linkedin.com/in/jerich-beasonWhitney McCollum  https://www.linkedin.com/in/whitneymccollum #ZeroTrust #Epiq #Cybersecurity #Negligence #CyberSideChats #legal Note: “The statements of the guest speakers and hosts in this podcast should not be construed as legal advice and they represent their views only and not those of their respective companies.”

In this episode of To Comply Or Not To Comply, AJ is joined by friend, ByteChek Board Advisor, Senior VP & CISO at Epiq, Jerich Beason. The two share their thoughts on preparing for a crisis, how to leverage your confidence and muscle memory in the heat of decision making, and why communication is so vital when handling an incident. Furthermore, Jerich dives into the roles and responsibilities of a security leader and the importance of empathy and saying ‘thank you!' Lastly, AJ and Jerich reflect on what security compliance is, why we are getting it wrong, and what it could become.   Key Takeaways: 01:20  Bio 03:50  Courage and confidence in decision making 06:42  Reacting to a crisis 09:35  Communication is key 13:24  Staying prepared 19:46  Tips for leaders - saying "thank you!" 24:26  Compliance and celebrity vulnerabilities 30:47  Stop saying SOC 2 compliant! 35:17  Drowning in info, but starving for knowledge   Links: To Comply or Not To Comply: Website | AJ Jerich Beason: LinkedIn | Podcast | Blog

#CISOThursdays​: Breaking Into Cybersecurity + Jerich Beason 12/16/21 It's #CISOThursdays​​ @ 1pm eastern! Join us as we discuss recent news and hot topics in security. James Azar, CISO Talk podcast host & the crew are ready, as always, for a lively discussion. Our guest host today is the amazing Jerich Beason! About Breaking Into Cybersecurity: This series was created by Renee Small & Christophe Foulon to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gurus who share their experiences of helping others break-in. #cybersecurity​ #breakingintocybersecurity ​​ #informationsecurity ​​ #JamesAzar ​#ChrisFoulon​ #ReneeSmall ​#InfoSecHires Check out our new book, Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://www.amazon.com/dp/1955976007 _________________________________________ About the hosts: Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and helping more people get into the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/ Download a free copy of her book at magnetichiring.com/book Christophe Foulon focuses on helping to secure people and processes with a solid understanding of the technology involved. He has over 10 years as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach. https://www.linkedin.com/in/christophefoulon/ Find out more about CPF-Coaching at https://cpf-coaching.com • Podcast: https://anchor.fm/breakingintocybersecurity • YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity --- Support this podcast: https://anchor.fm/breakingintocybersecurity/support

Jerich Beason, SVP & CISO at Epiq, joins Chris and Ron to talk passion, purpose and how that plays a part in cyber. Jerich sits on panels, speaks at conferences and events & contributes to white papers and security articles. He also serves as a Board advisor to security startups. Jerich is currently the host of Epiq's podcast, Cyberside Chats which has the mission of increasing knowledge and awareness of cybersecurity within the legal industry.   Key Takeaways:   02:50 Bio 03:48 Choosing an education in cyber 05:00 Origin story – why cyber? 09:58 Jerich touches on why some cyber veterans are discouraging newcomers 12:26 Inspiring the future generation 15:20 Talking passion & calling 17:17 A day in the life of Jerich 20:10 Avoiding burnout & fulfilling purpose 23:15 Zero-Trust 26:34 The future in security program building     Links: Hacker Valley Studio: Swag | LinkedIn | Twitter | Instagram | Email Ron & Chris | Website  Jerich Beason: LinkedIn | Podcast | Twitter Support Hacker Valley Studio on Patreon Join our monthly mastermind group via Patreon This Episode is sponsored by CrowdStrike. Find a home with CrowdStrike here.

Jerich Beason is joined by Erik Weinick. Erick's experience includes privacy, cybersecurity, bankruptcy, commercial torts, defamation/slander, regulatory to name a few. He is also the co-founder of Otterburg's Privacy & Cybersecurity Practice and has contributed multiple pieces of thought leadership on cyber security. Jerich and Erik discuss why an organization should consider retaining a cyber attorney, when they should consider taking that step and how an introductory conversation would go if an organization called to use his services.

Jerich is joined by Rob Shavell.  Rob is CEO of Abine / DeleteMe, The Online Privacy Company. Rob has been quoted as a privacy expert in the Wall Street Journal, New York Times, The Telegraph, NPR, ABC, NBC, and Fox. Rob is a vocal proponent of privacy legislation reform, including the California Privacy Rights Act (CPRA).In this episode, Robert Shavell and Jerich Beason opine on the threats posed by data scraping and data brokers.  They discuss ways companies and individuals can protect themselves and their PII.The article mentioned in today's episode can be found here:https://joindeleteme.com/blog/brokers-not-breaches-largest-privacy-threat/Find us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

Jerich Beason is a cyber security hobbyist turned professional who holds Bachelors and Masters degrees in Cyber Security. He has served in progressive roles at some of the most respected companies within the cyber security industry including Lockheed Martin, RSA and Deloitte where he was a trusted advisor to executives within the federal government and fortune 500 organizations. Jerich advised these companies on cyber security strategy, architecture and program development. In his most role as Deputy CISO at AECOM, he was responsible for security architecture, risk management, compliance, and the overall security strategy. As a thought leader in cyber security, Jerich has been invited to sit on panels, speak at conferences and events contribute to white papers and security. Jerich is currently the host of Epiq's new podcast, Cyberside Chats which has the mission of increasing knowledge and awareness of cyber security within the legal industry At Epiq, Jerich serves as Sr. Vice President and Chief Information Security officer where he leads the Global enterprise and Product Security organizations. @blanketSec https://www.linkedin.com/in/jerich-beason-874b908/  

On today's episode we are joined by Jerich Beason, senior vice president and CISO at Epiq. He delves into advice on networking, knowing which job is right for you, and how to build trust as a CISO.    Advice to Younger Self Beason says he would have spent more time on relationships. While he had relationships, he wishes he had done more to maintain those relationships across gigs. Keep up contact with people, you never know when you may want to connect down the line.  So how do you upkeep relationships? Being intentional with your responses is important. Reach out and update those you are connected with. Who you know is extremely important in the job market. Keep in mind those people who have helped you along the way. A simple thank you goes a long way.    Network Don't focus all your energy networking at the top. Network with everyone. It will help with hires and building teams. So who should you reach out to? Network with people who are where you want to be. Also reach out to a peer group. Mentor when you have the chance, as well.   Wasted Time? Young Jerich wasted time chasing a lot of certifications. An ongoing list of certifications takes a lot of time to obtain, but they do not necessarily stay relevant. Be deliberate about the ones you go after. His most valuable certifications are IT focused.    Epiq Cyberside Chats Beason hosts a podcast of his own which he discusses. It is relatively new with goals of working to be a leader in the industry of cybersecurity.    New Opportunities You have a current position but are offered a new opportunity. What do you do? How do you make that decision? Beason walks us through his experience choosing a new job and what influenced his decision. He thought about his personal brand and what he wants to do as a CISO.  He had open discussions with his boss about being torn in his decision. It was a brief discussion but helped provide clarity in the situation.    Personal Branding Think about what success means to you and what you want to achieve. How do you want to look back on your career?    Trust As the first CISO in the company, much of his role early on was teaching people what a CISO was. He gained the trust of people in the company over time. He helped rebuild trust in the business. Strategy can only be successful if there is trust behind it.  How do you know if you have trust? Trust is a combination of character and competence. Beason tries to demonstrate trust by showing that his goal is to help the organization succeed.  Reaching out to top customers is extremely important. Communicating changes both short term and in strategy is necessary.     Three Phases 1). Foundation to work on preventing attacks 2). Play with more cutting edge technologies to build on foundations 3). Reach back and have transparency   Be Knowledgeable  You have to know about what you are protecting in order to succeed. Having a complete picture is essential. Utilizing technology to gain visibility can be useful. Beason feels as if he has knowledge of 99% of their devices.    Recommendations Beason recommends several books that have helped him along his journey as a CISO. He suggests several books on trust including “Speed of Trust.”   Being a New CISO To Jerich, being a new CISO is different in every scenario. Being able to speak the lingo and have a seat at the table is important as is understanding security fundamentals. Most importantly, recognize the changing nature of the job.     Links: Exabeam Podcasts Epiq Global

Jerich Beason is joined by John Grange,  who the co-founder and chief technology officer at OpsCompass which is a SaaS product that provides continuous, cloud-native governance and security in Azure, AWS, GCP, and Microsoft 365.Jerich and John discuss the nuances of the public cloud, risks and rewards with using it, and best practices for securing it.The article mentioned in today's episode can be found here:Best practices for securing the public cloud by Bruce Gibson via ermetic Find us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

Jerich Beason is joined by Don Dennis, who is an attorney focusing on  copyright and trademark infringement, Internet law, defamation, trade secret misappropriation, data security breach, and privacy law.Jerich and Don discuss what escrow software is, why it matters to the legal industry, and how it can be used to protect important data.The article mentioned in today's episode can be found here:Source Code Escrow Agreements Are Reaching For The Cloud from Lowenstein Sandler LLP via JDSupraFind us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

Jerich Beason is joined by Meg Hargrove, who is now at IBM as part of their X-Force Cybersecurity Incident Response Team.  Jerich and Meg discuss how to manage an incident response team, who should be part of a company's security tabletops (hint: legal!), and advice for legal teams interested in being a better advocate for cybersecurity in the incident response process.The article mentioned in today's episode can be found here:The Legal Issues in Cyber Incident Response – Risk Management from RM MagazineFind us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

Jerich Beason is joined by Jacob Ingerslev. who is head of cyber risk at The Hartford. Together, they discuss why cyber insurance is so important, how the uptick in ransomware is escalating this need, and everything in between.The article mentioned in today's episode can be found here:"The Next Five Years: Cyber Insurance Predictions Through 2025"  from Forbes.Find us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

Jerich Beason is joined by AJ Yawn, who is the co-founder and CEO of Bytechek, to explore the value of SOC2 certifications and review the merits of President Biden's latest executive order on cybersecurity. The article, authored by AJ, that is discussed in this episode can be found here:How law firms can demonstrate strong cybersecurity practices in CISO Magazine.Find us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

Jerich Beason is joined by Whitney McCollum who is vice president, assistant general counsel, and chief IP and data protection counsel at AECOM. Together, they discuss the importance of data access, how COVID19 has changed data concerns for organizations, the implications of information governance (hint: it's not just compliance), how cyberattacks can influence a vendor partnership, and advice on joining the cybersecurity industry.The  article mentioned in today's episode can be found here:"Corporate governance in the digital economy: The critical importance of information governance" by Information Governance ANZFind us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

In this latest CISO Talk episode Jerich Beason tunes in to share his journey to the role of the CISO. Jerich also discussed his study of trying to understand the human behavior to address the most common security challenges and shares some insight and thought into that which is bound to provoke a conversation.   Jerich's Bio: Jerich Beason is a Security hobbyist turned professional who holds Bachelors and Masters degrees in Cyber Security. He has served in progressive roles at some of the most respected companies within the cyber security industry including Lockheed Martin, RSA and Deloitte where he was a trusted advisor to executives within the government and fortune 500 organizations. Jerich advised these companies on cyber security strategy, architecture and program development. In his previous role at AECOM, he was responsible for security architecture, risk management, compliance, and the overall security strategy. At Epiq, Jerich serves as Sr. Vice President and Chief Information Security officer where he leads the global enterprise and product security organizations.   Jerich's Linkedin Profile: https://www.linkedin.com/in/jerich-beason-874b908/   CISO Talk is supported by these great partners please make sure to check them out: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Whistic: www.whistic.com/cyberhub   **** James Azar Host of CyberHub Podcast James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen Here: https://linktr.ee/CISOtalk