The Virtual CISO Podcast
  • 335
  • 22 790
Can you spell CNAPP without CSPM?
In this clip, Arick Goomanovsky delves into the foundational role of CSPM (Cloud Security Posture Management) within CNAPP solutions. He explains how CSPM provides visibility into cloud configurations, detects misconfigurations, and ensures compliance with security policies. The conversation highlights how CSPM has evolved as a critical element in cloud security, forming the backbone of CNAPP by managing cloud infrastructure configurations securely.
To hear more, listen to the full episode of the vCISO podcast here: czcams.com/video/WB6s6w2vuCk/video.html
Views: 1

Video

What is CNAPP? Why is it important?
6 views · 4 hours ago
In this insightful segment, John Verry and Arick Goomanovsky discuss the significance of CNAPP (Cloud-Native Application Protection Platform) and its role in modern cloud security. Arick breaks down how CNAPP integrates various security components like CSPM, CWPP, and CIEM to address the complexities of cloud environments. They emphasize the growing need for a comprehensive approach to cloud se...
CNAPP - Secure Cloud Apps in a Snap
9 views · 14 hours ago
In this episode of The Virtual CISO Podcast, your host, John Verry, sits down with Arick Goomanovsky, Chief Product Officer at Tenable Cloud Security, to explore the evolving landscape of cloud security and the critical components that make up a comprehensive cloud-native application protection strategy. Join us as we discuss: · The fundamentals of CNAPP (Cloud-Native Application Protection Pla...
Content disarmament & reconstruction to eliminate file borne threats
4 views · 1 month ago
In this compelling segment, Aviv Grafi, CTO and founder of Votiro, explains to John Verry the concept of Content Disarmament and Reconstruction (CDR) technology. Learn how CDR removes potential threats from documents by regenerating safe versions, allowing organizations to maintain productivity without sacrificing security. To hear more, listen to the full episode of the vCISO podcast here: czc...
Why email filtering is often ineffective against poisoned document attacks
10 views · 1 month ago
In this insightful clip, Aviv Grafi, CTO and founder of Votiro, discusses with John Verry the challenges of using email filtering to prevent poisoned document attacks. Aviv explains how attackers quickly generate new malicious documents, making it difficult for email filters to keep up. They also highlight the productivity issues caused by email filtering's limitations. To learn more, listen to...
Stopping Business Email Compromise with a Novel Malicious File Reconstruction Approach
15 views · 1 month ago
In this episode of The Virtual CISO Podcast, your host, John Verry, engages in a conversation with Aviv Grafi, CTO and founder of Votiro, as they discuss innovative solutions to combat business email compromise. Join us as we discuss: - The mechanisms of business email compromise - How malicious files are used in cyberattacks - The limitations of traditional security methods - The benefits of m...
The Urgency of CMMC Certification
16 views · 1 month ago
In this clip, host John Verry and guest Chris Petersen analyze why so many organizations are waiting to get moving with CMMC certification, despite understanding that it will take more than a year to get certified and another 20% believing it will take more than two years. With CMMC enforcement less than a year away, Chris and John discuss this paradoxical data from Radical’s DIB Cybersecurity ...
The Importance of Proper Scoping in SSPs
8 views · 1 month ago
In this clip, host John Verry and guest Chris Petersen explore whether the root cause of the difficulties in security monitoring within the DIB is poor scoping in the System Security Plans (SSPs). They discuss how critical it is to have clear and accurate scoping to ensure effective security measures are in place. To learn more, listen to the full episode of the vCISO podcast here: czcams.com/v...
Assessing Security Skills: Perception vs. Reality
12 views · 2 months ago
In this clip, host John Verry and guest Chris Petersen discuss the results of Radical’s DIB Cybersecurity Survey. Interestingly, 67% of DIB companies rated their security skills high or very high, which was mildly surprising and potentially inconsistent with other survey responses. They delve into why there might be a gap between perceived and actual security capabilities. To hear more, listen ...
DIB Security - Interesting Observations from a Significant Stud
29 views · 2 months ago
Join us for an engaging episode of the Virtual CISO Podcast with host John Verry. This episode features Chris Petersen, co-founder of LogRhythm and current CEO of Radical. Chris brings over two decades of experience in cybersecurity, offering deep insights into the industry's challenges and advancements. In this episode, we'll explore: - The surprising results from Radical’s DIB Cybersecurity S...
Should you have a PR firm on your Incident Response/Crisis Management Team?
7 views · 2 months ago
In this clip, host John Verry and guest Kevin Dinino discuss the importance of having PR expertise in incident response plans. Kevin explains how effective communication is crucial in managing both internal and external stakeholders during a crisis. They highlight the need for PR professionals to handle media inquiries and ensure consistent messaging to protect the organization's reputation. To...
Good External Communication Can Minimize the Impact of a Cyber Incident
3 views · 2 months ago
In this clip, host John Verry and guest Kevin Dinino discuss how crisis management extends beyond cyber incidents. They emphasize the importance of tailored communication strategies for different crises, such as product recalls or operational disruptions. Kevin highlights the need for comprehensive plans that integrate crisis response into overall risk management to protect reputation and stake...
Integrating Crisis Management into Incident Response
15 views · 2 months ago
In this clip, host John Verry and guest Kevin Dinino discuss the difference between incident response and crisis management. They highlight the importance of communication and consistent messaging to prevent a cyber incident from escalating into a crisis. Kevin emphasizes the need for clear protocols and dedicated strategies to manage stakeholders effectively during such events. To hear more, l...
How adding Crisis Management to your Incident Response Plan can save your bacon?
23 views · 2 months ago
Join us for an engaging episode of the Virtual CISO Podcast with host John Verry. This episode features Kevin Dinino, President of KCD PR, who delves into the critical aspects of crisis management and communications. Kevin brings over 20 years of experience in guiding companies through the complexities of strategic communications, particularly in the cybersecurity, financial, and technology sec...
Can SaaS & Data Privacy Co-Exist?
32 views · 3 months ago
In this segment, John Verry and William Eshagh discuss the vulnerabilities of using third-party SaaS providers, highlighting how external parties can exploit sensitive data. They reference a case where vehicle data affected insurance rates, emphasizing the need for robust data governance tools like confidential computing and customer-managed encryption keys to enhance privacy and reduce trust d...
Are SaaS and Autonomy mutually exclusive?
17 views · 3 months ago
Is Consuming SaaS an Information Security Faustian Bargain
35 views · 3 months ago
Backups & Responding to a Security Incident
13 views · 3 months ago
Best of Breed or Single Vendor - Which approach yields better security?
11 views · 3 months ago
Is Reducing Complexity the Answer to Reducing your Ransomware risk?
11 views · 3 months ago
Combating Ransomware: Strategies and Insights with Sagi Brody
11 views · 3 months ago
Using ISO 27001 and ISO 42001 to Manage AI Risk
78 views · 4 months ago
You Might be Exposing Confidential Info When Using AI
33 views · 4 months ago
AI Risks You Might Not Be Thinking About
29 views · 4 months ago
AI Risk Management - Is ISO 42001 the Solution?
168 views · 4 months ago
Using Distributed Ledger Technology to Simplify Security & Compliance with Privacy Laws
6 views · 4 months ago
A Concise Description of Distributed Ledger Technology
27 views · 4 months ago
If you are not paying for the product, you are the product!
17 views · 4 months ago
Can Distributed Ledger Technology Simplify Privacy Compliance?
49 views · 5 months ago
The benefits of leveraging TISAX’s Simplified Group Assessment
4 views · 5 months ago

Comments

  • @prosperfunwie3038 · 3 months ago

    Great

  • @stephenstange4194 · 4 months ago

    I have repeated this phrase over and over to my friends and family. It is sad how many people don’t understand this.

  • @aloknaithani9239 · 5 months ago

    Nice informative session regarding Tisax 6:0, thanks 😊

  • @Ollayman · 6 months ago

    Great interview, thank you. Happy to cooperate with you in UAE - Abu Dhabi audits, training and consultancy

  • @mglanton · 8 months ago

    Thanks to the CBIZ Pivot Point Security team! Very informative.

  • @BUY_YOUTUB_VIEWS_159 · 9 months ago

    The visuals are stunning. 👏

  • @MrKingtaz123 · 2 years ago

    I love the content, surprised this doesn't have more views honestly. Out of curiosity, why would the CIO be qualified to turn a business/management need into a technology plan and then hand that plan off to a CTO/director of technology? It would seem to me that a CIO would have more of a business background and so the CTO (or someone with a more technical background in general) should be responsible for turning a business need into a technology plan. My thought process is: how can you propose an IT plan without knowing what technology solutions are out there, since that pretty much determines the feasibility of the plan itself. Maybe I'm failing to understand the true role of the CIO in all of this.

  • @bakedpotato4441 · 2 years ago

    Is this channel dead? I guess I'm too late for this gem

  • @Awesomeite4life · 2 years ago

    Great discussion. I wanted to know whether ROPA & Data Mapping are used interchangeably?

  • @kateregadennis5767 · 2 years ago

    Thanks gentlemen... the video is short but very insightful... 👌

  • @shyammishra3457 · 3 years ago

    Hi @JohnVerry, @The VirtualCISO Project, Great hosting

  • @MichaelHarris-sv3ir · 4 years ago

    0:22 coronavirus-win.online

  • @rabbieli · 4 years ago

    Is it really true that 40% of SMBs don’t recover from a long outage -- doesn’t that seem high?

  • @errolloldham9995 · 4 years ago

    Amazing content! You deserve more subscribers. Why don’t you use SMZeus”dot”com!? It’s the best way to grow your channel!

  • 4 years ago

    Brilliant work! Keep it up! Would you like to be CZcams friends? :]

  • 4 years ago

    Good! Keep it up! Would you like to be CZcams friends? :]