Leveraging board governance for cybersecurity
Subscribe: Apple Podcasts | Android | Google Podcasts | Stitcher | TuneIn | Spotify | RSS
Michael Figueroa, President and Executive Director of the Advanced Cyber Security Center (ACSC), discusses the importance of leveraging board governance in cybersecurity initiatives.
– Join the fight against cybercrime: https://infosecinstitute.com
–Special offer for Cyber Work listeners: https://www.infosecinstitute.com/podcast
In the podcast, Figueroa and host Chris Sienko discuss:
– Why are so many organizations still unaware of the need for strong unified security planning? (1:44)
– Is this a situation where C-suite members shoulder the burden of security on themselves, or even assume that it’s just IT’s problem and leave it at that? (3:38)
– Tell us about the survey mentioned in the briefing between ACSC member CISOs and CIOs representing organizations from a range of sectors. What were some of the perspectives discussed in this meeting? (5:00)
– Were there any compelling scenarios or real-world examples at the meeting that made for compelling stories? (7:32)
– What should be the first step for an organization that has critically neglected it digital cybersecurity strategy? (9:48)
– What are some steps one can make to make your board more cyber-seasoned, both with planning and day-to-day operations? (13:35)
– What is the role of non-human identities? Do things like service accounts that connect to modular coding components, microservices, software containers and APIs feed into this issue? (14:46)
– In your report, you noted that there is a need “for a risk standard… that would help guide decision making.” What are the first steps that nee to be taken to craft such a standard? Has there been any work on this since the release of the report? (17:37)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Hunter Reed. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/fzhe4c49Fs4/