#135 - Board Decks (with Demetrios Lazarikos)
CISO Tradecraft® - En podcast af CISO Tradecraft® - Mandage
One of the most important activities a CISO must perform is presenting high quality presentations to the Board of Directors. Listen and learn from Demetrios Lazarikos (Laz) and G Mark Hardy as they discuss what CISOs are putting in their decks and how best to answer the board's questions. Special thanks to our sponsor Risk3Sixty for supporting this episode. Risk3sixty has created a presentation template that helps you structure your thoughts while telling a compelling story about where you want your security program to go. Download it today for free at: https://risk3sixty.com/whitepaper/security-program-maturity-presentation-template-for-cisos/?utm_source=cisotradecraft&utm_medium=podcast&utm_campaign=2023-ct&utm_term=1week&utm_content=ebook References RSAC ESAF Download: https://www.rsaconference.com/rsac-programs/executive-security-action-forum NACD 2023 Directors Handbook: https://www.nacdonline.org/insights/publications.cfm?ItemNumber=74777 Blue Lava: https://bluelava.io/cybersecurity-board-reporting/ Transcripts: https://docs.google.com/document/d/1juM8MQUEtAZEDp1HpzkPdNw-D11O3ofq Chapters 00:00 Introduction 05:17 The Importance of External Audits in Managing Risk 06:48 How to Help Your Business of Revenue Protection Reduce Risk 11:15 How to be a Successful CISO 12:52 How to Measure the Threat to Your Environment 15:04 How to Prepare for Cyber Threats and Incidents 18:49 The Importance of Understanding the Business's Critical Assets 22:28 OSINT and CSIRT.global Tools and Technologies 25:14 Building a Matrix of Good Intention, Bad Behavior, and Access Management 28:10 How to Create an Incident Response Plan 30:20 How to Keep Your Board of Directors Informed of Cybersecurity Incidents 31:50 How to Keep Track of the Latest Cyber Threats Coming Around the Corner 34:11 How to Achieve Cyber Insurance Coverage 37:06 Cyber Liability Insurance: A Necessary Component of Running Your Business in 2023 39:22 How to Measure the Effectiveness of a Company's Cybersecurity Program 40:54 The Importance of Business Alignment