Created with Sketch.
8 minutes | Oct 14, 2021
Tackling Risk Probability and Impact
Today I’ll discuss risk probability and impact and give you some examples to build your own impact and probability table.ProbabilityImpactThanks.Dr. Bill SouzaCEO/FounderE|CE - Executive Cyber Educationhttps://www.execcybered.com
8 minutes | Sep 26, 2021
5 Cybersecurity Challenges
Today I’ll touch on the topic of Cyber Risk & Cyber Investment challenges.ImprovingExploitsAttack pathsAttacker behaviorInvestmentThanks.Dr. Bill SouzaCEO/FounderE|CE - Executive Cyber Educationhttps://www.execcybered.com
7 minutes | Sep 9, 2021
Lacking Basic Cybersecurity Practices
The show today is based on an article titled, “Global utilities lacking basic cybersecurity practices.” Although the article was focused on utilities, the guidance is applicable to every industry, so I will touch on a few recommendations that could be useful to you as well, regardless of industry.Links mentioned on the show:Article: Global utilities lacking basic cybersecurity practices says expert (powerengineeringint.com)Webinar: https://www.execcybered.com/nist-csf-replayThanks.Dr. Bill SouzaCEO/FounderE|CE - Executive Cyber Educationhttps://www.execcybered.com
11 minutes | Aug 26, 2021
Cybersecurity Basics - What you Need to Know
We are so focused on the threats and the vulnerabilities that allowed a hack to occur, that we forget the basics. The protection necessary to prevent or slow down these attacks already exists, and they exist for a long time.Thanks.Dr. Bill SouzaCEO/FounderE|CE - Executive Cyber Educationhttps://www.execcybered.com
6 minutes | Aug 19, 2021
Cybersecurity Exceptions - Part 3 (FINAL)
In today's episode, I will discuss exceptions tracking and expirations. This is the last episode in a three-part series on cybersecurity standard exceptions.Thanks.Dr. Bill SouzaCEO/FounderE|CE - Executive Cyber Educationhttps://www.execcybered.com
6 minutes | Aug 12, 2021
Cybersecurity Exceptions - Part 2
As I mentioned in my previous episode, there’s much more to discuss on cybersecurity exceptions, such as the risk they pose to the organization and the hidden dangers of cumulative risk. Blog: https://www.execcybered.com/blog/cybersecurity-exceptions-part-2Thanks.Dr. Bill SouzaFounder & CEOE|CE - Executive Cyber Educationwww.execcybered.com
6 minutes | Aug 5, 2021
Cybersecurity Exceptions - Part 1
If your cybersecurity standards were written to protect the organization, why do you have security exceptions? Your standard development team writes an excellent standard; it follows all the best practices of the NIST Cybersecurity Framework, the ISO 27001, or any other industry-recognized standards and frameworks, but most of all, it is common sense, right? Anyone working on or with a cybersecurity team in a large organization knows this does not happen! Exceptions happen.Dr. Bill SouzaFounder & CEOE|CEwww.execcybered.com
6 minutes | Jul 30, 2021
Cybersecurity - Asset Classification
Asset classification is the foundation of everything else to come in cybersecurity; it will help your organization, for example, small or large, to better understand, manage, identify, and classify your assets.Episode: Cybersecurity - Asset Classification (execcybered.com)Dr. Bill SouzaFounder & CEOExecutive Cyber Education
10 minutes | Dec 31, 2020
In this episode, I will discuss three challenging areas where cybersecurity education is falling short in preparing students and professionals to succeed in the field.
10 minutes | Aug 5, 2020
Cybersecurity Investment & Risk Strategy
In this episode, I discuss how to leverage your risk framework to make sound cybersecurity investment decisions. I addressed two critical questions that you will need to know the answers; first, how can you tell your program is doing the right thing? and second, How can you tell you are protecting the organization in a financially healthy way?Dr. B.Executive Cyber Educationwww.execcybered.comeBook: https://www.execcybered.com/risk-identification-ebook
16 minutes | Jun 14, 2020
Critical Systems: Asking the Right Questions
To get results you need to ask the right question, collect the data, analyze, and develop a robust and factual interpretation. This episode will guide you through the thought process and give you some ideas on how to develop a strong argument on where you should focus your cybersecurity investments and tools.Infographic: https://executive-cyber-education.mykajabi.com/identification-analysisDr. B.
16 minutes | Jun 9, 2020
Cyber Risk Identification
Today’s episode I will discuss a strategy to identify critical systems in your organization. The steps I will discuss today will make sure your program is objective and repeatable.The eBook mentioned in this podcast can be downloaded here:https://executive-cyber-education.mykajabi.com/risk-identification-ebookThanks.Dr. B.https://execcybered.com/podcast-1
13 minutes | Apr 26, 2020
Key Risk Indicators
Today’s episode we will discuss how to identify KRIs (key risk indicators). I’ll discuss a simple and effective way to do it; there seems to be a lot of confusion on what to measure and for a long time, subject matter experts believe we can’t measure Cybersecurity.
17 minutes | Apr 7, 2020
Tail Risks: What are you going to do differently?
Today’s episode, we will discuss “tail risk” and the impact it may have on organizations when it’s realized. Given our current environment, it seems entirely appropriate for us to have this meaningful discussion.
13 minutes | Mar 1, 2020
Risk Formula: What's wrong with it?
Today’s episode we will discuss the popular risk formula, “Risk = Threat x Vulnerability x Consequence/Impact and its limitations to actually provide accurate information for a cybersecurity investment or tactical decision. I will be leveraging the “Risk Analysis and Management for Critical Asset Protection (RAMCAP) framework that was also used by the Department of Homeland Security.
15 minutes | Jan 17, 2020
Threat Reports: What's Missing
I will discuss “Threat Reports,” specifically eight 2019 reports; the 2019 data breach investigations report by Verizon; 2019 data breach investigations report (executive summary) by Verizon; 2019 annual report, state of cyber security by security in depth; cyber security report by darkmatter; Q2 2019 Cybersecurity threatscape by Positive Technologies; 2019 Cyber Security Risk Report by Aon; the 2019 global threat report by CrowdStrike; and cyber trendscape 2020 by fireeye. My discussion will focus on what these reports don’t say and how to use them in your Cybersecurity organization.Dr. B.www.execcybered.com
16 minutes | Dec 23, 2019
Security Controls Selection
Today’s episode we will discuss a strategy to select controls to assess, this strategy can be used to select any controls for your assessment, as a framework for security control selection, this approach is standard or regulatory standard agnostic. The steps we will discuss today will make sure your control selection is objective and repeatable.
10 minutes | Dec 10, 2019
Assessments: System Selection
Today’s episode we will discuss a strategy to select an environment to assess, this strategy can be used from your first assessment to developing an assessment calendar. The steps we will discuss today will make sure your assessment selection is objective and repeatable.Dr. B.www.execcybered.com
17 minutes | Dec 2, 2019
Cyber Risk & Cyber Governance Overall Program
In this episode, we discuss an overview of our cybersecurity risk and governance program. Here I'll discuss what we are trying to achieve in the next several podcasts. Starting from choosing an environment and business organizations to establishing a residual risk for your cybersecurity organization that you can trust. Our overview will touch on environment selection, security controls, control assessments, risk identification, and much more.
33 minutes | Nov 19, 2019
There are six-step in a cybersecurity program assessment framework. I will discuss each step of the framework and how it will help you to achieve a comprehensive assessment. A cybersecurity program assessment is a process, that you will design to provide your company or department with a comprehensive review of the tools, processes they implemented, policies, standards, procedures, and practices in place at your organization.Dr. B.www.execcybered.com
Terms of Service
Do Not Sell My Personal Information
© Stitcher 2021