In this episode of CyberOXtales Podcast, host Neatsun Ziv, CEO of OX Security, interviews Ira Winkler, CISO and Vice President of CYE. They discuss the challenges faced by CISOs in obtaining the necessary budgets for their cybersecurity programs. Ira emphasizes the importance of CISOs understanding the business side of cybersecurity and being able to demonstrate the return on investment (ROI) of their efforts. He discusses the limitations of current risk quantification models, such as FAIR, and proposes a more advanced approach that combines machine learning and graph flow theory to calculate cyber risk and identify optimal countermeasures. Ira also highlights the need for CISOs to more effectively and efficiently communicate real threats and potential financial losses to the organization in order to justify their budget requests.
About Our Guest:
Ira Winkler is a renowned cybersecurity expert and award-winning CISO. He started his career as an intelligence analyst at the NSA before transitioning to become a computer systems analyst. Ira has worked for various government agencies and private companies, including HP and Walmart, where he held positions such as Chief Security Strategist and Chief Security Architect. He is currently the CISO at CYE Security, an Israeli company specializing in cyber risk optimization. Ira has authored seven books on cybersecurity and is recognized as a leading authority in the industry.
Key Takeaways:
- CISOs often struggle to obtain the budgets they need for their cybersecurity programs because they fail to demonstrate the ROI of their efforts.
- Understanding the business side of cybersecurity is crucial for CISOs to effectively communicate the value they bring to the organization.
- Risk quantification models like FAIR provide a high-level framework but lack the precision and actionable insights needed for budget justifications.
- Advanced approaches that combine machine learning, Monte Carlo algorithms, and graph flow theory can provide more accurate risk calculations and help identify the most effective countermeasures.
- CISOs should gather historical data, analyze industry trends, and highlight real-world examples of cyber threats to support their budget requests.
Popular Podcasts
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.