CISO Tradecraft®

Welcome to CISO Tradecraft®. A podcast designed to take you through the adventure of becoming a Chief Information Security Officer (CISO) and learning about cyber security. This podcast was started because G Mark Hardy and Ross Young felt impressed to help others take their Information Security Skills to an executive level. We are thrilled to be your guides to lead you through the various domains of becoming a competent and effective CISO.

Episodes

December 11, 2023 23 mins

In this episode of CISO Tradecraft, host G. Mark Hardy guides listeners on how to refresh their cybersecurity strategy, starting with the essential assessments of the current state of your security and continuing through to the creation of a comprehensive, one-page cyber plan. The discussion covers different approaches to upskilling the workforce, tools utilization, vulnerability management, relevant regulations, and selecting the best solution ...


Discover the key to a more effective cybersecurity strategy in the newest episode of CISO Tradecraft! We're talking SOC tools, building a data lake for security, and more with guest Noam Brosh of Hunters. Don't miss it!

Big Thanks to our Sponsors

Noam Brosh - https://www.linkedin.com/in/noam-brosh-5743938/

Transcripts: https://docs.google.com/d...

November 27, 2023 36 mins

In this episode of CISO Tradecraft, G Mark Hardy and Hasan Eksi from CyberNow Labs continue the discussion about the vital skills needed for an effective incident responder within a Security Operations Center (SOC). The skills highlighted in this episode include: incident triage, incident response frameworks, communication, collaboration, documentation, memory analysis, incident containment and eradication, scripting and automation...


In this episode of CISO Tradecraft, host G Mark Hardy talks to Kevin O'Connor, the Director of Threat Research at Adlumin. They discuss the importance of comprehensive cybersecurity for Small to Medium-sized Businesses (SMBs), including law firms and mid-sized banks. The conversation explores the complexities of managing security infrastructures, the role of managed security service providers, and the usefulness of managed detectio...

November 13, 2023 43 mins

In this episode of CISO Tradecraft we have a detailed conversation with Hasan Eksi from CyberNow Labs. G Mark and Hasan discuss the top 20 skills required by incident responders, covering the first 10 in part 1 of this series. The discussion ranges from understanding cybersecurity fundamentals to incident detection, threat intelligence, and malware analysis. This episode aims to enhance listeners' understanding of incident response...

November 6, 2023 41 mins

In this episode of CISO Tradecraft, host G Mark Hardy welcomes special guest Amer Deeba, CEO and co-founder of Normalyze. They focus on the importance of data security in today's cloud-centric, multi-platform tech environment. Amer shares valuable insights on the need for a data security platform that offers a unified, holistic approach. The conversation also delves into the importance of understanding the value of your data, and h...


On this episode we talk about the differences between Gamification and Game-Based Learning. We think you will enjoy hearing how Game-Based Learning gets folks into the flow and creates novel training that resonates. We also have a great discussion on how games can be applicable for Board Members and Techies. You just need to get the right type of game for the right audience and let the magic happen.

Big Thanks to our Sponsors


Learn the language of the board with Andrew Chrostowski. In this episode we discuss the 3 major risk categories of opportunity risk, cybersecurity risk and complex systems. We highlight intentional deficit and what to do about it. Finally, don't miss the part where we talk about why the time for a digital strategy is past. What is needed today is a comprehensive strategy for a world of digital opportunities and existential cyber risks.

...

October 16, 2023 45 mins

On this episode we do a master class on cyber warfare. Learn the terminology. Learn the differences and similarities between kinetic and cyber warfare. There's a lot of interesting discussion, so check it out.

Big thanks to our sponsor:

Risk3Sixty - https://risk3sixty.com/whitepaper/

Transcripts https://docs.google.com/document/d/1yJYoVs3pO4u_Zq8UC8YQmnYVGrsH93-H

Air Force Doctrine Publication 3-0 - Operations and Planning https:...

October 9, 2023 17 mins

On this episode we discuss the measuring results cheat sheet from Justin Mecham.  Key focuses include:

  • Defining SMART Goals (Specific, Measurable, Achievable, Relevant, & Time-Bound)
  • Identifying KPIs (Key Performance Indicators)
  • Using the WOOP Model (Wish, Outcome, Obstacle, and Plan)
  • Using a Gap Analysis
  • Using the 5 Why Method
  • Using Plan, Do, Check, & Act.

Link to the Measuring Results Cheat Sheet https://www.lin...

October 2, 2023 43 mins

On this episode we discuss the four key roles Boards play in cybersecurity.

  1. Setting the company's vision and risk strategy
  2. Reviewing assessment results
  3. Evaluating management cyber risk stance
  4. Approving risk management plans

Big thanks to our sponsor:

Risk3Sixty - https://risk3sixty.com/whitepaper/

Transcripts - https://docs.google.com/document/d/1jarCcQYioT59jtIrppH4xZqyAy4Vn_tB/

Chapters

September 25, 2023 37 mins

On this episode we bring on the leading expert of threat modeling (Adam Shostack) to discuss the four questions that every team should ask:

  1. What are we working on?
  2. What can go wrong?
  3. What are we going to do about it?
  4. Did we do a good enough job?

Big thanks to our sponsor:

Risk3Sixty - https://risk3sixty.com/whitepaper/

Adam Shostack's LinkedIn Profile - https://www.linkedin.com/in/shostack/

Learn more about threat modeling...

September 18, 2023 42 mins

There are a lot of new cyber attacks occurring, and today we are going to talk about them in more detail. Many bad actors are using SMS spoofing and Social Engineering to get in. Listen in and learn about how those attacks played out against the casino industry. You don't want to miss when we share what you can do to stop them. Pro-tip: Good MFA is your friend. Use it everywhere you can including on your employees and customers dur...

September 11, 2023 42 mins

Have you ever thought about what it means to say there has been a material incident? How is materiality determined? What is the history of how that term has been defined by U.S. Regulators? Listen to today's show and increase your CISO Tradecraft.

Big Thanks to our Sponsors

September 4, 2023 35 mins

On this episode we overview the CIS Document titled, "The Cost of Cyber Defense". https://www.cisecurity.org/insights/white-papers/the-cost-of-cyber-defense-cis-controls-ig1

Big Thanks to our Sponsors

  • Risk3Sixty - https://risk3sixty.com/whitepaper/
  • CPRIME - For those valuing leadership, policy, and governance in tech risk and security, Cprime is here to help. Enhance your skills with our training and workshops, ensuring effec...
August 28, 2023 24 mins

In this episode of CISO Tradecraft, we delve into the evolving landscape of cybersecurity regulations. From data incident notifications to required contract language, we uncover common trends and compliance challenges. Learn how to prepare, adapt, and network within your industry to stay ahead. Tune in for insights and tips!

Thanks again to our Sponsors for supporting this episode:

  • Risk3Sixty: Check out Risk3Sixty's weekly thou...

Here's a nice overview of cybersecurity on passwords, authentication, rainbow tables, and password managers. Enjoy the show and check out our other podcasts.

Special Thanks to our Sponsors:

  • Risk3Sixty: Being able to clearly articulate your vision for your security program to the board and other executives within your firm is critical to obtaining the buy in you need for your program's success. Risk3Sixty has created a presentat...
August 14, 2023 33 mins

Join us at the heart of Hacker Summer Camp for insights into the cybersecurity world! Discover the art of asking powerful questions that can change your career and impact others. Learn how CISOs assess cyber solutions and how startups can win their attention. Uncover the secrets of building connections and value through meaningful inquiries. Don't miss this episode featuring expert advice on navigating the cybersecurity landscape.

...


On this episode, David London and Adam Isles from the Chertoff Group stop by to discuss emerging risk topics such as AI, Supply Chain Attacks, and the new SEC regulations. Stick around and learn the tradecraft to better protect your company.

Special Thanks to our Sponsors:

July 31, 2023 38 mins

Don't let Bobby the Intern cause havoc in your network. On this episode of CISO Tradecraft, G Mark Hardy discusses the importance of training new hires in cybersecurity to create a strong security culture within an organization. The focus is on shaping employees' behavior and beliefs to enhance the overall cybersecurity posture.

Special Thanks to our Two Sponsors:

1) The Chertoff Group: www.chertoffgroup.com

2) Prelude: https://ww...

