In this episode of CyberOXtales Podcast, host Neatsun Ziv, CEO of OX Security, interviews Ira Winkler, CISO and Vice President of CYE. They discuss the challenges faced by CISOs in obtaining the necessary budgets for their cybersecurity programs. Ira emphasizes the importance of CISOs understanding the business side of cybersecurity and being able to demonstrate the return on investment (ROI) of their efforts. He discusses the limitations of current risk quantification models, such as FAIR, and proposes a more advanced approach that combines machine learning and graph flow theory to calculate cyber risk and identify optimal countermeasures. Ira also highlights the need for CISOs to more effectively and efficiently communicate real threats and potential financial losses to the organization in order to justify their budget requests.
About Our Guest:
Ira Winkler is a renowned cybersecurity expert and award-winning CISO. He started his career as an intelligence analyst at the NSA before transitioning to become a computer systems analyst. Ira has worked for various government agencies and private companies, including HP and Walmart, where he held positions such as Chief Security Strategist and Chief Security Architect. He is currently the CISO at CYE Security, an Israeli company specializing in cyber risk optimization. Ira has authored seven books on cybersecurity and is recognized as a leading authority in the industry.
Key Takeaways:
- CISOs often struggle to obtain the budgets they need for their cybersecurity programs because they fail to demonstrate the ROI of their efforts.
- Understanding the business side of cybersecurity is crucial for CISOs to effectively communicate the value they bring to the organization.
- Risk quantification models like FAIR provide a high-level framework but lack the precision and actionable insights needed for budget justifications.
- Advanced approaches that combine machine learning, Monte Carlo algorithms, and graph flow theory can provide more accurate risk calculations and help identify the most effective countermeasures.
- CISOs should gather historical data, analyze industry trends, and highlight real-world examples of cyber threats to support their budget requests.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!