We Need To Talk: 52 Weeks To Better Cyber-Security

Ebook114 pages1 hour

We Need To Talk: 52 Weeks To Better Cyber-Security

Name: We Need To Talk: 52 Weeks To Better Cyber-Security
Author: L. Brent Huston

By L. Brent Huston

Rating: 0 out of 5 stars

()

Read preview

About this ebook

The book provides a comprehensive approach to discussing cyber-security, addressing topics such as risk management, configuration management, vulnerability management, policy, threat intelligence, and incident response. The discussions that are sparked will lead to helping your team strengthen and mature your organization's security posture.

The book is designed for information security professionals and their teams looking for a structured way to improve their organization’s cyber-security posture over one year. It is an ideal resource for those teams who wish to develop a well-rounded understanding of cyber-security and gain insight into the various elements that are needed for a successful program.

*This book was written programmatically with the help of AI tools and edited using Grammarly.

Skip carousel

Security

LanguageEnglish

PublisherPublishdrive

Release dateFeb 1, 2023

Author

L. Brent Huston

Related authors

Skip carousel

Related to We Need To Talk

Related ebooks

Skip carousel

Cybersecurity ISMS Policies And Procedures A Complete Guide - 2020 Edition
Ebook
Cybersecurity ISMS Policies And Procedures A Complete Guide - 2020 Edition
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
Information Protection Playbook
Ebook
Information Protection Playbook
byGreg Kane
Rating: 0 out of 5 stars
0 ratings
Secure Your Business: Insights to Governance, Risk, Compliance & Information Security
Ebook
Secure Your Business: Insights to Governance, Risk, Compliance & Information Security
byBoD - Books on Demand
Rating: 0 out of 5 stars
0 ratings
Cyber Security Breach A Complete Guide - 2020 Edition
Ebook
Cyber Security Breach A Complete Guide - 2020 Edition
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
Infosec Management Fundamentals
Ebook
Infosec Management Fundamentals
byHenry Dalziel
Rating: 5 out of 5 stars
5/5
Cyber Security Awareness A Complete Guide - 2020 Edition
Ebook
Cyber Security Awareness A Complete Guide - 2020 Edition
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
IS Auditor - Process of Auditing: Information Systems Auditor, #1
Ebook
IS Auditor - Process of Auditing: Information Systems Auditor, #1
bySelwyn Classen
Rating: 0 out of 5 stars
0 ratings
Security Operations Center - SIEM Use Cases and Cyber Threat Intelligence
Ebook
Security Operations Center - SIEM Use Cases and Cyber Threat Intelligence
byArun E Thomas
Rating: 0 out of 5 stars
0 ratings
Security Operations: CISSP, #7
Ebook
Security Operations: CISSP, #7
bySelwyn Classen
Rating: 0 out of 5 stars
0 ratings
IT Security Audit A Complete Guide - 2020 Edition
Ebook
IT Security Audit A Complete Guide - 2020 Edition
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
IT Induction and Information Security Awareness: A Pocket Guide
Ebook
IT Induction and Information Security Awareness: A Pocket Guide
byValerie Maddock
Rating: 0 out of 5 stars
0 ratings
CCISO A Complete Guide - 2020 Edition
Ebook
CCISO A Complete Guide - 2020 Edition
byGerardus Blokdyk
Rating: 1 out of 5 stars
1/5
IT GRC A Complete Guide - 2020 Edition
Ebook
IT GRC A Complete Guide - 2020 Edition
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
ISO27001 in a Windows Environment: The best practice implementation handbook for a Microsoft Windows environment
Ebook
ISO27001 in a Windows Environment: The best practice implementation handbook for a Microsoft Windows environment
byBrian Honan
Rating: 0 out of 5 stars
0 ratings
ISO IEC 27001 Lead Implementer A Complete Guide - 2020 Edition
Ebook
ISO IEC 27001 Lead Implementer A Complete Guide - 2020 Edition
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
Qualified Security Assessor Complete Self-Assessment Guide
Ebook
Qualified Security Assessor Complete Self-Assessment Guide
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
The Insider Threat: Combatting the Enemy Within
Ebook
The Insider Threat: Combatting the Enemy Within
byClive Blackwell
Rating: 0 out of 5 stars
0 ratings
Total Information Risk Management: Maximizing the Value of Data and Information Assets
Ebook
Total Information Risk Management: Maximizing the Value of Data and Information Assets
byAlexander Borek
Rating: 0 out of 5 stars
0 ratings
ISO 22301 A Complete Guide - 2021 Edition
Ebook
ISO 22301 A Complete Guide - 2021 Edition
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
Managing Information Security Breaches: Studies from real life
Ebook
Managing Information Security Breaches: Studies from real life
byMichael Krausz
Rating: 0 out of 5 stars
0 ratings
Nine Steps to Success: An ISO27001:2013 Implementation Overview
Ebook
Nine Steps to Success: An ISO27001:2013 Implementation Overview
byAlan Calder
Rating: 3 out of 5 stars
3/5
Information Security Breaches: Avoidance and Treatment based on ISO27001
Ebook
Information Security Breaches: Avoidance and Treatment based on ISO27001
byMichael Krausz
Rating: 0 out of 5 stars
0 ratings
IT Governance A Complete Guide - 2019 Edition
Ebook
IT Governance A Complete Guide - 2019 Edition
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
Network and Information Systems (NIS) Regulations - A pocket guide for digital service providers
Ebook
Network and Information Systems (NIS) Regulations - A pocket guide for digital service providers
byAlan Calder
Rating: 0 out of 5 stars
0 ratings
IT Asset Management Complete Self-Assessment Guide
Ebook
IT Asset Management Complete Self-Assessment Guide
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
Network and Information Systems (NIS) Regulations - A pocket guide for operators of essential services
Ebook
Network and Information Systems (NIS) Regulations - A pocket guide for operators of essential services
byAlan Calder
Rating: 0 out of 5 stars
0 ratings
Information Security A Practical Guide: Bridging the gap between IT and management
Ebook
Information Security A Practical Guide: Bridging the gap between IT and management
byTom Mooney
Rating: 5 out of 5 stars
5/5
Nine Steps to Success: North American edition: An ISO 27001 Implementation Overview
Ebook
Nine Steps to Success: North American edition: An ISO 27001 Implementation Overview
byAlan Calder
Rating: 0 out of 5 stars
0 ratings
Cybersecurity Risk Complete Self-Assessment Guide
Ebook
Cybersecurity Risk Complete Self-Assessment Guide
byGerardus Blokdyk
Rating: 0 out of 5 stars
0 ratings
Information Security Auditor: Careers in information security
Ebook
Information Security Auditor: Careers in information security
byWendy Goucher
Rating: 0 out of 5 stars
0 ratings

Security For You

Skip carousel

How to Become Anonymous, Secure and Free Online
Ebook
How to Become Anonymous, Secure and Free Online
byAmy Awol
Rating: 5 out of 5 stars
5/5
How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life
Ebook
How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life
byJ. J. Luna
Rating: 4 out of 5 stars
4/5
CompTIA Security+ Study Guide: Exam SY0-601
Ebook
CompTIA Security+ Study Guide: Exam SY0-601
byMike Chapple
Rating: 5 out of 5 stars
5/5
The Hacker Crackdown: Law and Disorder on the Electronic Frontier
Ebook
The Hacker Crackdown: Law and Disorder on the Electronic Frontier
byBruce Sterling
Rating: 4 out of 5 stars
4/5
Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601)
Ebook
Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601)
byDawn Dunkerley
Rating: 5 out of 5 stars
5/5
Dark Territory: The Secret History of Cyber War
Ebook
Dark Territory: The Secret History of Cyber War
byFred Kaplan
Rating: 4 out of 5 stars
4/5
Cybersecurity For Dummies
Ebook
Cybersecurity For Dummies
byJoseph Steinberg
Rating: 4 out of 5 stars
4/5
Practical Lock Picking: A Physical Penetration Tester's Training Guide
Ebook
Practical Lock Picking: A Physical Penetration Tester's Training Guide
byDeviant Ollam
Rating: 5 out of 5 stars
5/5
The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse
Ebook
The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse
byNick Selby
Rating: 0 out of 5 stars
0 ratings
Social Engineering: The Science of Human Hacking
Ebook
Social Engineering: The Science of Human Hacking
byChristopher Hadnagy
Rating: 3 out of 5 stars
3/5
Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity
Ebook
Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity
byDr. Erdal Ozkaya
Rating: 5 out of 5 stars
5/5
Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601)
Ebook
Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601)
byMike Meyers
Rating: 5 out of 5 stars
5/5
Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking
Ebook
Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking
byKevin Clark
Rating: 5 out of 5 stars
5/5
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers
Ebook
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers
byKevin D. Mitnick
Rating: 4 out of 5 stars
4/5
Codes and Ciphers - A History of Cryptography
Ebook
Codes and Ciphers - A History of Cryptography
byAlexander D'Agapeyeff
Rating: 4 out of 5 stars
4/5
Make Your Smartphone 007 Smart
Ebook
Make Your Smartphone 007 Smart
byConrad Jaeger
Rating: 4 out of 5 stars
4/5
Hacking With Kali Linux : A Comprehensive, Step-By-Step Beginner's Guide to Learn Ethical Hacking With Practical Examples to Computer Hacking, Wireless Network, Cybersecurity and Penetration Testing
Ebook
Hacking With Kali Linux : A Comprehensive, Step-By-Step Beginner's Guide to Learn Ethical Hacking With Practical Examples to Computer Hacking, Wireless Network, Cybersecurity and Penetration Testing
byPeter Bradley
Rating: 5 out of 5 stars
5/5
Tor and the Dark Art of Anonymity
Ebook
Tor and the Dark Art of Anonymity
byLance Henderson
Rating: 5 out of 5 stars
5/5
How to Hack Like a Pornstar
Ebook
How to Hack Like a Pornstar
bySparc Flow
Rating: 5 out of 5 stars
5/5
Remote/WebCam Notarization : Basic Understanding
Ebook
Remote/WebCam Notarization : Basic Understanding
byJeannie Eunice Franks
Rating: 3 out of 5 stars
3/5
Wireless Hacking 101
Ebook
Wireless Hacking 101
byKarina Astudillo
Rating: 4 out of 5 stars
4/5
CompTIA Network+ Review Guide: Exam N10-008
Ebook
CompTIA Network+ Review Guide: Exam N10-008
byJon Buhagiar
Rating: 0 out of 5 stars
0 ratings
The CompTIA Network+ & Security+ Certification: 2 in 1 Book- Simplified Study Guide Eighth Edition (Exam N10-008) | The Complete Exam Prep with Practice Tests and Insider Tips & Tricks | Achieve a 98% Pass Rate on Your First Attempt!
Ebook
The CompTIA Network+ & Security+ Certification: 2 in 1 Book- Simplified Study Guide Eighth Edition (Exam N10-008) | The Complete Exam Prep with Practice Tests and Insider Tips & Tricks | Achieve a 98% Pass Rate on Your First Attempt!
byComptia Ace5
Rating: 0 out of 5 stars
0 ratings
Hacking For Dummies
Ebook
Hacking For Dummies
byKevin Beaver
Rating: 4 out of 5 stars
4/5
Hacking: Ultimate Beginner's Guide for Computer Hacking in 2018 and Beyond: Hacking in 2018, #1
Ebook
Hacking: Ultimate Beginner's Guide for Computer Hacking in 2018 and Beyond: Hacking in 2018, #1
byDexter Jackson
Rating: 4 out of 5 stars
4/5
CISSP Study Guide
Ebook
CISSP Study Guide
byJoshua Feldman
Rating: 4 out of 5 stars
4/5
Cybersecurity for Beginners : Learn the Fundamentals of Cybersecurity in an Easy, Step-by-Step Guide: 1
Ebook
Cybersecurity for Beginners : Learn the Fundamentals of Cybersecurity in an Easy, Step-by-Step Guide: 1
byKevin Clark
Rating: 0 out of 5 stars
0 ratings
Game Console Hacking: Xbox, PlayStation, Nintendo, Game Boy, Atari and Sega
Ebook
Game Console Hacking: Xbox, PlayStation, Nintendo, Game Boy, Atari and Sega
byJoe Grand
Rating: 0 out of 5 stars
0 ratings
Cybersecurity – Attack and Defense Strategies - Second Edition: Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals, 2nd Edition
Ebook
Cybersecurity – Attack and Defense Strategies - Second Edition: Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals, 2nd Edition
byYuri Diogenes
Rating: 5 out of 5 stars
5/5
CompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition)
Ebook
CompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition)
byEithne Hogan
Rating: 0 out of 5 stars
0 ratings

Related podcast episodes

Skip carousel

NIST Cybersecurity Framework [Special Edition]: NIST Cybersecurity Framework
Podcast episode
NIST Cybersecurity Framework [Special Edition]: NIST Cybersecurity Framework
byCyberWire Daily
0 ratings
0% found this document useful
#130 What are the 11 new controls in ISO 27001:2022?: ISO 27001, The Information Security Standard, was updated in October 2022. While there is a 2-year grace period for transition, we would urge everyone to make a start on implementing the changes to ensure you are compliant with latest best practice...
Podcast episode
#130 What are the 11 new controls in ISO 27001:2022?: ISO 27001, The Information Security Standard, was updated in October 2022. While there is a 2-year grace period for transition, we would urge everyone to make a start on implementing the changes to ensure you are compliant with latest best practice...
byThe ISO Show
0 ratings
0% found this document useful
CSP #105 - Dear Auditor: Why is this a high risk finding? Can we talk?: CISOs often have a love/hate relationship with auditors, as it is the auditors that are placing judgment on the adequacy of company cybersecurity controls. Join this session from the perspective of an IT Audit leader and former CISO, as to how to view...
Podcast episode
CSP #105 - Dear Auditor: Why is this a high risk finding? Can we talk?: CISOs often have a love/hate relationship with auditors, as it is the auditors that are placing judgment on the adequacy of company cybersecurity controls. Join this session from the perspective of an IT Audit leader and former CISO, as to how to view...
byCISO Stories Podcast (Audio)
0 ratings
0% found this document useful
#128 What's new with ISO 27001:2022?: The long-awaited update of ISO 27001 arrived in October 2022, having gone 9 years since its previous 2013 iteration. Needless to say, it was much overdue. The new 2022 version of the Standard includes 11 new controls and sees around 56 other controls...
Podcast episode
#128 What's new with ISO 27001:2022?: The long-awaited update of ISO 27001 arrived in October 2022, having gone 9 years since its previous 2013 iteration. Needless to say, it was much overdue. The new 2022 version of the Standard includes 11 new controls and sees around 56 other controls...
byThe ISO Show
0 ratings
0% found this document useful
#109 What's new with ISO 27002:2022?: Did you know there were 80 identified security incidents, resulting in 34,908,053 compromised records in June 2022 alone! Standards such as ISO 27001 can help you put measures in place to reduce risk and help set up procedures for data recovery....
Podcast episode
#109 What's new with ISO 27002:2022?: Did you know there were 80 identified security incidents, resulting in 34,908,053 compromised records in June 2022 alone! Standards such as ISO 27001 can help you put measures in place to reduce risk and help set up procedures for data recovery....
byThe ISO Show
0 ratings
0% found this document useful
006 Leading High Performance Cohesive Teams: Welcome to CEO Brain Food, a show aimed at providing key insights, fresh perspectives, and proven tools that CEOs can apply to build enterprise value, generate higher profits and develop the talent needed to succeed in their businesses. In this episode of CEO Brain Food, Michael breaks down the components necessary to lead high performing cohesive teams. Michael identifies the importance of hiring the right people, emotional intelligence, and being present as three key factors in developing high-functioning teams. Finally, Michael lists six crucial points for leading cohesive teams. These include having a set number of KPIs (key performance indicators), ongoing training, and decision-making authority, among others.
Podcast episode
006 Leading High Performance Cohesive Teams: Welcome to CEO Brain Food, a show aimed at providing key insights, fresh perspectives, and proven tools that CEOs can apply to build enterprise value, generate higher profits and develop the talent needed to succeed in their businesses. In this episode of CEO Brain Food, Michael breaks down the components necessary to lead high performing cohesive teams. Michael identifies the importance of hiring the right people, emotional intelligence, and being present as three key factors in developing high-functioning teams. Finally, Michael lists six crucial points for leading cohesive teams. These include having a set number of KPIs (key performance indicators), ongoing training, and decision-making authority, among others.
byCEO BrainFood
0 ratings
0% found this document useful
#129 What clauses have been updated in ISO 27001:2022?: As many of you are aware, an updated version of ISO 27001 was published in October 2022. While there is a 2-year grace period for transition, we would urge everyone to make a start on implementing the changes to ensure you are compliant with latest...
Podcast episode
#129 What clauses have been updated in ISO 27001:2022?: As many of you are aware, an updated version of ISO 27001 was published in October 2022. While there is a 2-year grace period for transition, we would urge everyone to make a start on implementing the changes to ensure you are compliant with latest...
byThe ISO Show
0 ratings
0% found this document useful
Reinventing Asset Inventory for Security - Ed Rossi - ESW #235: Security teams relying on asset inventory from their IT counterparts can be a challenge due to a lack of security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues like EOL or unauthorized software...
Podcast episode
Reinventing Asset Inventory for Security - Ed Rossi - ESW #235: Security teams relying on asset inventory from their IT counterparts can be a challenge due to a lack of security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues like EOL or unauthorized software...
bySecurity Weekly Podcast Network (Video)
0 ratings
0% found this document useful
No Shirt. No Security. No Merger.: Episode available on CISO Series blog ( Sure, we'd like to merge with your company but geez, have you looked at your security posture lately? Uggh. I don't know if I could be seen in public with your kind let alone acquire your type. We're wary as...
Podcast episode
No Shirt. No Security. No Merger.: Episode available on CISO Series blog ( Sure, we'd like to merge with your company but geez, have you looked at your security posture lately? Uggh. I don't know if I could be seen in public with your kind let alone acquire your type. We're wary as...
byCISO Series Podcast
0 ratings
0% found this document useful
#60 What is ISO 27017: Controls for Cloud Services
Podcast episode
#60 What is ISO 27017: Controls for Cloud Services
byThe ISO Show
0 ratings
0% found this document useful
ITIL 4 Specialist: High-velocity IT, with Mark Smalley & Stuart Rance: In this episode, Akshay Anand and Roman Jouravlev talk to Mark Smalley (one of ITIL 4’s lead editors) and Stuart Rance (lead architect of ITIL 4) about the vision for the ITIL 4 Managing Professional module, ITIL 4 Specialist: High-velocity IT.
Podcast episode
ITIL 4 Specialist: High-velocity IT, with Mark Smalley & Stuart Rance: In this episode, Akshay Anand and Roman Jouravlev talk to Mark Smalley (one of ITIL 4’s lead editors) and Stuart Rance (lead architect of ITIL 4) about the vision for the ITIL 4 Managing Professional module, ITIL 4 Specialist: High-velocity IT.
byThe AXELOS Best Practice Podcast
0 ratings
0% found this document useful
Your First 90 Days As A New CISO: Initial Worries & New Challenges Going from consulting into a leadership position requires you to take on a new level of responsibility. You take that leap of having more permanence in the position but also now having to lead a team of other...
Podcast episode
Your First 90 Days As A New CISO: Initial Worries & New Challenges Going from consulting into a leadership position requires you to take on a new level of responsibility. You take that leap of having more permanence in the position but also now having to lead a team of other...
byThe New CISO
0 ratings
0% found this document useful
Cyber Resiliency with Sounil Yu
Podcast episode
Cyber Resiliency with Sounil Yu
byAfternoon Cyber Tea with Ann Johnson
0 ratings
0% found this document useful
Lessons Learned from a Virtual CISO: Insights on teamwork, getting visibility at the executive level and the right prep for effective board conversations
Podcast episode
Lessons Learned from a Virtual CISO: Insights on teamwork, getting visibility at the executive level and the right prep for effective board conversations
byThe New CISO
0 ratings
0% found this document useful
Data breach at the US Marshals Service. Blind Eagle phishes in the service of espionage. Dish investigates its outages. Qakbot delivered via OneNote files. Memory-safe coding.
Podcast episode
Data breach at the US Marshals Service. Blind Eagle phishes in the service of espionage. Dish investigates its outages. Qakbot delivered via OneNote files. Memory-safe coding.
byCyberWire Daily
0 ratings
0% found this document useful
Building an Insider Threat Program from Scratch: Kylie “KT” Boyle joins us in the latest episode of The New CISO, which is also the beginning of a new segment: The New CISO Foundations. Every security program is built off of a foundation; this episode will focus on KT’s mission and what...
Podcast episode
Building an Insider Threat Program from Scratch: Kylie “KT” Boyle joins us in the latest episode of The New CISO, which is also the beginning of a new segment: The New CISO Foundations. Every security program is built off of a foundation; this episode will focus on KT’s mission and what...
byThe New CISO
0 ratings
0% found this document useful
067 - What the heck is ITSM? And how is it like Improv?: What is ITSM? What is ITIL? And why is it important for a project manager to know?
Podcast episode
067 - What the heck is ITSM? And how is it like Improv?: What is ITSM? What is ITIL? And why is it important for a project manager to know?
byProject Management Happy Hour
0 ratings
0% found this document useful
Engineering for Data Privacy: Navigating Infrastructure, Security, and Compliance with Skyflow’s Roshmik Saha: In this episode Roshmik Saha, Head of Engineering at Skyflow, dives into the fascinating realm of data privacy and security solutions. Whether you're considering building your own privacy solution or seeking insights into the infrastructure requireme...
Podcast episode
Engineering for Data Privacy: Navigating Infrastructure, Security, and Compliance with Skyflow’s Roshmik Saha: In this episode Roshmik Saha, Head of Engineering at Skyflow, dives into the fascinating realm of data privacy and security solutions. Whether you're considering building your own privacy solution or seeking insights into the infrastructure requireme...
byPartially Redacted: Data Privacy, Security & Compliance
0 ratings
0% found this document useful
How Zendesk Aligns Systems and Security
Podcast episode
How Zendesk Aligns Systems and Security
byThe Employee Safety Podcast
0 ratings
0% found this document useful
Why Use Maturity Models to Improve Cybersecurity: Key Concepts, Principles, and Definitions: In this podcast, Rich Caralli explains how maturity models provide measurable value in improving an organization's cybersecurity capabilities.
Podcast episode
Why Use Maturity Models to Improve Cybersecurity: Key Concepts, Principles, and Definitions: In this podcast, Rich Caralli explains how maturity models provide measurable value in improving an organization's cybersecurity capabilities.
bySoftware Engineering Institute (SEI) Podcast Series
0 ratings
0% found this document useful
WBSP244: Grow Your Business by Learning the Information Architecture Strategies for the Operations Department, a Live Interview w/ a Panel of Experts
Podcast episode
WBSP244: Grow Your Business by Learning the Information Architecture Strategies for the Operations Department, a Live Interview w/ a Panel of Experts
byWBSRocks: Business Growth with ERP and Digital Transformation
0 ratings
0% found this document useful
Introduction to Data Governance with Skyflow’s Ashley Jose: In this episode, Ashley Jose, a product lead at Skyflow with a decade of experience in SaaS product management, explores the importance of data governance in today's data-driven world. He discusses the impact of growing data on business decisions and...
Podcast episode
Introduction to Data Governance with Skyflow’s Ashley Jose: In this episode, Ashley Jose, a product lead at Skyflow with a decade of experience in SaaS product management, explores the importance of data governance in today's data-driven world. He discusses the impact of growing data on business decisions and...
byPartially Redacted: Data Privacy, Security & Compliance
0 ratings
0% found this document useful
083: SMS Pt 4 - What Does ISO 45001 Require?: Safety Management System overview
Podcast episode
083: SMS Pt 4 - What Does ISO 45001 Require?: Safety Management System overview
byThe Safety Pro Podcast
0 ratings
0% found this document useful
Measuring the Success of Your Security Program: All links and images for this episode can be found on CISO Series () How does a CISO measure the performance of their security program? Sure, there are metrics, but what are you measuring against? Is it a framework or the quality of protection? How do...
Podcast episode
Measuring the Success of Your Security Program: All links and images for this episode can be found on CISO Series () How does a CISO measure the performance of their security program? Sure, there are metrics, but what are you measuring against? Is it a framework or the quality of protection? How do...
byDefense in Depth
0 ratings
0% found this document useful
060: 4 Ways to Use Data to Improve Your Safety Culture: How a Digital Safety Dashboard Can Help You
Podcast episode
060: 4 Ways to Use Data to Improve Your Safety Culture: How a Digital Safety Dashboard Can Help You
byThe Safety Pro Podcast
0 ratings
0% found this document useful
049: 8 Tips for Selecting Key Safety Performance Indicators: Important Key Performance Indicators for Safety
Podcast episode
049: 8 Tips for Selecting Key Safety Performance Indicators: Important Key Performance Indicators for Safety
byThe Safety Pro Podcast
0 ratings
0% found this document useful
Privacy is a moving target. Here’s how engineering teams can stay on track.: On this sponsored episode of the podcast, we talk with Rob Pickard and Matt Cooper of Vanta, who get that question every day. Their company makes security monitoring software that helps companies get into compliance quickly. We spoke about the shifting sands of privacy rules and regulations, tracking data flows through systems and across corporate borders, and how security automation can put up guardrails instead of gates.
Podcast episode
Privacy is a moving target. Here’s how engineering teams can stay on track.: On this sponsored episode of the podcast, we talk with Rob Pickard and Matt Cooper of Vanta, who get that question every day. Their company makes security monitoring software that helps companies get into compliance quickly. We spoke about the shifting sands of privacy rules and regulations, tracking data flows through systems and across corporate borders, and how security automation can put up guardrails instead of gates.
byThe Stack Overflow Podcast
0 ratings
0% found this document useful
Getting through a SOC 2 audit with your nerves intact: On this sponsored episode of the podcast, Ben and Ryan talk with James Ciesielski, CTO and co-founder, and Megan Dean, information security and risk compliance manager, both of Rewind. We talk about how you can prep for and successfully get through a SOC 2 audit, how backing up your SaaS data can provide business continuity, and the benefits of establishing a relationship with your auditor.
Podcast episode
Getting through a SOC 2 audit with your nerves intact: On this sponsored episode of the podcast, Ben and Ryan talk with James Ciesielski, CTO and co-founder, and Megan Dean, information security and risk compliance manager, both of Rewind. We talk about how you can prep for and successfully get through a SOC 2 audit, how backing up your SaaS data can provide business continuity, and the benefits of establishing a relationship with your auditor.
byThe Stack Overflow Podcast
0 ratings
0% found this document useful
EP100 2022 Accelerate State of DevOps Report and Software Supply Chain Security: Guests: , Security Data Scientist, Todd Kulesza, User Experience Researcher, Google Topics: How did you get involved with this year’s Accelerate State of DevOps Report ()? So what is DORA and why did you decide to focus on supply chain security...
Podcast episode
EP100 2022 Accelerate State of DevOps Report and Software Supply Chain Security: Guests: , Security Data Scientist, Todd Kulesza, User Experience Researcher, Google Topics: How did you get involved with this year’s Accelerate State of DevOps Report ()? So what is DORA and why did you decide to focus on supply chain security...
byCloud Security Podcast by Google
0 ratings
0% found this document useful
#135 Emerging SaaS Trends in Health and Safety: With the pandemic being the driving force behind more remote working than ever before, health and safety professionals are becoming increasingly tech-savvy. All evidence points to them increasing their reliance on Software as a Service (SaaS)...
Podcast episode
#135 Emerging SaaS Trends in Health and Safety: With the pandemic being the driving force behind more remote working than ever before, health and safety professionals are becoming increasingly tech-savvy. All evidence points to them increasing their reliance on Software as a Service (SaaS)...
byThe ISO Show
0 ratings
0% found this document useful

Skip carousel

Cyber Safe
Facility Management
Article
Cyber Safe
Dec 23, 2018
4 min read
Why Leaders Need To Take A Risk-based Approach To Data Security
NZBusiness and Management
Article
Why Leaders Need To Take A Risk-based Approach To Data Security
Jul 21, 2021
5 min read
Vulnerability Assessments
PC Pro Magazine
Article
Vulnerability Assessments
Jan 7, 2021
3 min read
“DORA Is A Force For Good And Will Help Businesses To Make Better Decisions, Faster”
PC Pro Magazine
Article
“DORA Is A Force For Good And Will Help Businesses To Make Better Decisions, Faster”
Apr 10, 2022
6 min read
Cybersecurity Firm Fireeye Says Was Hacked By Nation State
TechLife News
Article
Cybersecurity Firm Fireeye Says Was Hacked By Nation State
Dec 12, 2020
3 min read
Cyber Security IS A SHARED RESPONSIBILITY AT THE C-LEVEL
Inc.
Article
Cyber Security IS A SHARED RESPONSIBILITY AT THE C-LEVEL
Sep 21, 2016
Data breaches can have far-reaching repercussions; protecting against them is a companywide mandate
2 min read
Critical Infrastructure Organisations At Risk Of A Security Breach By 2025
NZBusiness and Management
Article
Critical Infrastructure Organisations At Risk Of A Security Breach By 2025
Jan 20, 2022
1 min read
Time To Get Serious About Cybersecurity
NZBusiness and Management
Article
Time To Get Serious About Cybersecurity
Jul 21, 2021
3 min read
Artificial Intelligence: The Next Step for Cybersecurity
Cannabis & Tech Today
Article
Artificial Intelligence: The Next Step for Cybersecurity
Apr 1, 2019
3 min read
Act, Don't React: A Leader's Guide to Cybersecurity
Rotman Management
Article
Act, Don't React: A Leader's Guide to Cybersecurity
Sep 1, 2019
9 min read
Data Security Standards
Linux Format
Article
Data Security Standards
Aug 24, 2021
A lot of engineers like to rail against standards as pointless box-checking and in some cases they are. Especially when it comes to things like PCI-DSS. Fundamentally, any engineer can look at PCI-DSS and say honestly that it’s obvious, and that all
1 min read
Cybersecurity: It Might Be The Small Stuff That Gets You
NZBusiness and Management
Article
Cybersecurity: It Might Be The Small Stuff That Gets You
Jan 16, 2020
2 min read
Bolster Your Cyber Security
MoneyWeek
Article
Bolster Your Cyber Security
Apr 5, 2024
2 min read
Leadership Forum: Making Digital Transformation A Reality
Rotman Management
Article
Leadership Forum: Making Digital Transformation A Reality
Jan 1, 2018
Glenda Crisp Senior Vice President and Chief Data Officer, TD Bank Group + Connie Bonello Associate Partner, Financial Services, IBM Canada IN MOST OF TODAY’S ORGANIZATIONS, data underpins every transaction, operation and interaction. And yet, the ab
8 min read
How Do You Know You Are Okay?
NZBusiness and Management
Article
How Do You Know You Are Okay?
May 27, 2019
2 min read
Web App Security
Linux Format
Article
Web App Security
Jun 29, 2021
8 min read
The Gold Standard
Marketing
Article
The Gold Standard
Jun 6, 2018
9 min read
Principles of Technical Leadership
Techfastly
Article
Principles of Technical Leadership
Mar 1, 2022
IT staff is more than just a number on a spreadsheet. This information is valuable, but it does not tell the whole story. We’ll also need to know about your team’s project history, current (non-hired) CV, and the skills and positions they have—and wa
2 min read
Zero Trust
PC Pro Magazine
Article
Zero Trust
Sep 11, 2022
2 min read
Starting a Successful Home Security Company: Step-By-Step Guide
Home Business Magazine
Article
Starting a Successful Home Security Company: Step-By-Step Guide
Mar 30, 2023
4 min read
8 Network Security For Your Home And Office
Techfastly
Article
8 Network Security For Your Home And Office
Nov 30, 2020
7 min read
Firms Must Test Cyber Resilience Plans, Policies
Business Today
Article
Firms Must Test Cyber Resilience Plans, Policies
Jul 9, 2020
4 min read
Signals Of Change: how To Evolve For The New Global Reality
Rotman Management
Article
Signals Of Change: how To Evolve For The New Global Reality
May 1, 2022
11 min read
Essentially There Many Fundamental Questions
The European Business Review
Article
Essentially There Many Fundamental Questions
May 25, 2021
1 What we are trying to assess? The answer appears to be no: selectors are still interested in an individual’s ability, personality and motivation as well as their integrity and health. Whilst new concepts appear every so often (e.g agility, resilien
1 min read
Privacy: The Price Of Trust
Inc.
Article
Privacy: The Price Of Trust
Aug 17, 2021
How will cybersecurity and data privacy evolve over the next decade? We’re hearing from our customers that cybersecurity and data privacy are increasingly becoming board-level conversations. Companies will start to think about privacy, security, vend
1 min read
Arnab PANDEY
Techfastly
Article
Arnab PANDEY
Apr 1, 2021
11 min read
Q&A
Rotman Management
Article
Q&A
May 1, 2023
Describe the capability that companies like Netflix, UPS, Amazon and Caesars Entertainment have in common. These are all leading firms in their industries with respect to leveraging analytics as a source of competitive advantage. We now have so much
7 min read
Cybersecurity Made Simple: Taming The Password
The European Business Review
Article
Cybersecurity Made Simple: Taming The Password
Mar 1, 2022
8 min read
Leading in the Age of Disruption: Five Critical Skills
Rotman Management
Article
Leading in the Age of Disruption: Five Critical Skills
Jan 1, 2022
10 min read
Digital Marketing: AI Enables Expanded Roles For Marketers
The European Business Review
Article
Digital Marketing: AI Enables Expanded Roles For Marketers
Jan 25, 2021
8 min read

Related categories

Skip carousel

Reviews for We Need To Talk

Rating: 0 out of 5 stars

0 ratings

0 ratings0 reviews

Book preview

We Need To Talk - L. Brent Huston

WEEK TWO

Best Practices Frameworks

QUESTIONS:

How are we doing with respect to best practices? Are there any areas where we need to focus more attention? Are there any areas that we should avoid? What best practice frameworks are we using across information security? How do we keep up with updates and changes? What kind of cross-training are we doing on frameworks?

Support Materials:

Information Security professionals often use best practice frameworks to help them understand how to implement various technologies and processes that will improve the overall effectiveness of their information security program. These frameworks provide a common language for discussing topics such as threat modeling, vulnerability management, access control, identity management, encryption, etc. They are also very effective at helping people who may need formal training in these areas to learn about them.

WEEK THREE

Security Policy

QUESTIONS:

Is there an official security policy document defining the organization's information security approach? Are those policies reviewed regularly? Has the organization ever been audited by a third party? If so, who did the audit, and what were their findings? Was anything changed as a result of the audit? Who on the team is responsible for writing and/or revising the policy documents? How are feedback and lessons learned throughout the enterprise woven into those updates? How are changes to our policies socialized across the company?

Support Materials:

Establishing, socializing, and keeping policies up to date are critical information security functions. Security policy documentation is crucial for many reasons. First, it provides a record of how you want your organization's information technology (IT) infrastructure to operate. Second, it helps IT staff understand the requirements that the various components of the IT infrastructure must meet. Third, it serves as a reminder of the security standards that must be followed at all times. Finally, it ensures that everyone understands the rules and regulations governing the use of the IT infrastructure.

WEEK FOUR

Relationships With Other Groups

QUESTIONS:

How are we working with other groups within the organization? Are there any areas where we need to collaborate more closely? Are there any areas that we should avoid collaborating with? Why? Are there any relationships that need to be clearly defined? Could those be clarified? Are there any areas where we need to clarify who owns what responsibilities?

Support Materials:

Relationships between different groups within an organization are critical to the success of information security programs. These relationships exist between IT and Security, Operations and Information Security, and even between the various departments within an organization. To effectively manage risks, it is necessary to understand how these relationships work together. For example, who will respond first if a server has a problem? Who has the authority to make decisions about the response? How does this impact the relationship between the two groups? Understanding these issues helps you build better relationships with your peers. Better relationships mean a more effective information security

Enjoying the preview?

Page 1 of 1

We Need To Talk: 52 Weeks To Better Cyber-Security

About this ebook

L. Brent Huston

Related authors

Related to We Need To Talk

Related ebooks

Security For You

Related podcast episodes

Related articles

Related categories

Reviews for We Need To Talk

What did you think?

Book preview

We Need To Talk - L. Brent Huston