Guests:
Christine Dewhurst, Partner, NSC Tech
On LinkedIn | https://www.linkedin.com/in/christine-dewhurst-262867a9/
At Sector | https://www.blackhat.com/sector/2024/briefings/schedule/speakers.html#christine-dewhurst-48706
Dr. Thomas Lee, CEO, Vivo Security
On LinkedIn | https://www.linkedin.com/in/thomas-lee-phd-b7766b10/
At Sector | https://www.blackhat.com/sector/2024/briefings/schedule/speakers.html#dr-thomas-lee-48707
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
In this episode of the On Location with Sean and Marco as part of our coverage of SecTor Information Security Conference in Toronto, Canada, Sean Martin and Marco Ciappelli spoke with notable guests Christine Dewhurst and Dr. Thomas Lee. This episode centers on innovative approaches to assessing an organization's risk related to third-party data breaches. Christine Dewhurst and Dr. Thomas Lee present a compelling new people-centric model for determining an organization's exposure to third-party data breaches.
Dr. Lee, who holds a PhD in biophysics and operates in California's Silicon Valley, initially approached cybersecurity from a scientific standpoint. He explains that their research focuses on using empirical regression modeling to quantify and predict data breach probabilities based on staffing levels and certifications. His emphasis is on the importance of having enough trained and certified personnel, which includes CISSPs and CISAs, as key indicators of security posture.
Christine Dewhurst, based in Toronto, partners with Dr. Lee in applying these mathematical models in practical scenarios. She underscores the critical role of understanding the workforce's capacity to manage and protect data. Dewhurst explains that their model evaluates five key staffing metrics to predict data breach risks, emphasizing that having the right quantity and quality of staff is crucial for robust security. She highlights their unique approach which differs from traditional methods focusing solely on technical controls.
The discussion also touches on the surprising significance of audit certifications (CISA) being equally important as technical security certifications (CISSP). This understanding bridges the gap between cybersecurity practices and business management strategies, providing a holistic overview of enterprise security health based on human resources. Christine Dewhurst and Dr. Thomas Lee offer fresh insights into how organizations can strategically enhance their defenses against third-party data breaches.
____________________________
This Episode’s Sponsors
HITRUST: https://itspm.ag/itsphitweb
____________________________
Follow our SecTor Cybersecurity Conference Toronto 2024 coverage: https://www.itspmagazine.com/sector-cybersecurity-conference-2024-cybersecurity-event-coverage-in-toronto-canada
On YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllSCvf6o-K0forAXxj2P190S
Be sure to share and subscribe!
____________________________
Resources
A New People-Centric Approach to Determining an Organization's Exposure to a Third-Party Data Breach (Session): https://www.blackhat.com/sector/2024/briefings/schedule/index.html#a-new-people-centric-approach-to-determining-an-organizations-exposure-to-a-third-party-data-breach-41396
Learn more about SecTor Cybersecurity Conference Toronto 2024: https://www.blackhat.com/sector/2024/index.html
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage
Are you interested in sponsoring our event coverage with an ad placement in the podcast?
Learn More 👉 https://itspm.ag/podadplc
Want to tell your Brand Story as part of our event coverage?
Learn More 👉 https://itspm.ag/evtcovbrf
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-society-podcast