In this episode of CyberOXtales Podcast, host Neatsun Ziv, CEO of OX Security, interviews Ira Winkler, CISO and Vice President of CYE. They discuss the challenges faced by CISOs in obtaining the necessary budgets for their cybersecurity programs. Ira emphasizes the importance of CISOs understanding the business side of cybersecurity and being able to demonstrate the return on investment (ROI) of their efforts. He discusses the limitations of current risk quantification models, such as FAIR, and proposes a more advanced approach that combines machine learning and graph flow theory to calculate cyber risk and identify optimal countermeasures. Ira also highlights the need for CISOs to more effectively and efficiently communicate real threats and potential financial losses to the organization in order to justify their budget requests.
About Our Guest:
Ira Winkler is a renowned cybersecurity expert and award-winning CISO. He started his career as an intelligence analyst at the NSA before transitioning to become a computer systems analyst. Ira has worked for various government agencies and private companies, including HP and Walmart, where he held positions such as Chief Security Strategist and Chief Security Architect. He is currently the CISO at CYE Security, an Israeli company specializing in cyber risk optimization. Ira has authored seven books on cybersecurity and is recognized as a leading authority in the industry.
Key Takeaways:
- CISOs often struggle to obtain the budgets they need for their cybersecurity programs because they fail to demonstrate the ROI of their efforts.
- Understanding the business side of cybersecurity is crucial for CISOs to effectively communicate the value they bring to the organization.
- Risk quantification models like FAIR provide a high-level framework but lack the precision and actionable insights needed for budget justifications.
- Advanced approaches that combine machine learning, Monte Carlo algorithms, and graph flow theory can provide more accurate risk calculations and help identify the most effective countermeasures.
- CISOs should gather historical data, analyze industry trends, and highlight real-world examples of cyber threats to support their budget requests.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
New Heights with Jason & Travis Kelce
Football’s funniest family duo — Jason Kelce of the Philadelphia Eagles and Travis Kelce of the Kansas City Chiefs — team up to provide next-level access to life in the league as it unfolds. The two brothers and Super Bowl champions drop weekly insights about the weekly slate of games and share their INSIDE perspectives on trending NFL news and sports headlines. They also endlessly rag on each other as brothers do, chat the latest in pop culture and welcome some very popular and well-known friends to chat with them. Check out new episodes every Wednesday. Follow New Heights on the Wondery App, YouTube or wherever you get your podcasts. You can listen to new episodes early and ad-free, and get exclusive content on Wondery+. Join Wondery+ in the Wondery App, Apple Podcasts or Spotify. And join our new membership for a unique fan experience by going to the New Heights YouTube channel now!
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.