Bra podcast
Sveriges mest populära poddar
- Affärsnyheter
- Alternativ hälsa
- Amerikansk fotboll
- Andlighet
- Animering och manga
- Astronomi
- Barn och familj
- Basket
- Berättelser för barn
- Böcker
- Buddhism
- Dagliga nyheter
- Dans och teater
- Design
- Djur
- Dokumentär
- Drama
- Efterprogram
- Entreprenörskap
- Fantasysporter
- Filmhistoria
- Filmintervjuer
- Filmrecensioner
- Filosofi
- Flyg
- Föräldraskap
- Fordon
- Fotboll
- Fritid
- Fysik
- Geovetenskap
- Golf
- Hälsa och motion
- Hantverk
- Hinduism
- Historia
- Hobbies
- Hockey
- Hus och trädgård
- Ideell
- Improvisering
- Investering
- Islam
- Judendom
- Karriär
- Kemi
- Komedi
- Komedifiktion
- Komediintervjuer
- Konst
- Kristendom
- Kurser
- Ledarskap
- Life Science
- Löpning
- Marknadsföring
- Mat
- Matematik
- Medicin
- Mental hälsa
- Mode och skönhet
- Motion
- Musik
- Musikhistoria
- Musikintervjuer
- Musikkommentarer
- Näringslära
- Näringsliv
- Natur
- Naturvetenskap
- Nyheter
- Nyhetskommentarer
- Personliga dagböcker
- Platser och resor
- Poddar
- Politik
- Relationer
- Religion
- Religion och spiritualitet
- Rugby
- Så gör man
- Sällskapsspel
- Samhälle och kultur
- Samhällsvetenskap
- Science fiction
- Sexualitet
- Simning
- Självhjälp
- Skönlitteratur
- Spel
- Sport
- Sportnyheter
- Språkkurs
- Stat och kommun
- Ståupp
- Tekniknyheter
- Teknologi
- Tennis
- TV och film
- TV-recensioner
- Underhållningsnyheter
- Utbildning
- Utbildning för barn
- Verkliga brott
- Vetenskap
- Vildmarken
- Visuell konst
Om podden
Become a Paid Subscriber: https://podcasters.spotify.com/pod/show/tcybercast/subscribe
JC Gaillard and his guests share their views on both the interesting cybersecurity news stories of the week and their own experiences. Now entering its fourth series with a stronger focus on cyber security leadership, governance and related board-level matters
Released every Thursday
The podcast The Cyber Security Transformation Podcast is created by Corix Partners. The podcast and the artwork on this page are embedded on this page using the public podcast feed (RSS).
Avsnitt
Series 5 - Final Episode - "A Look Back at the CrowdStrike Incident and the Meaning of Cyber Resilience" - Episode 25
17 oktober 2024 |
16 min
In this final episode of the series, JC Gaillard and guest Steve Lamb take another look at the CrowdStrike incident and analyze what cyber resilience needs to mean for businesses.
Series 5 - "A Round-up of Key Issues around Cybersecurity and Generative AI" - Episode 24
3 oktober 2024 |
9 min
In this episodes, JC Gaillard focuses on the impact generative AI could be having on cybersecurity practices and goes back to number of key aspects he has been exploring in earlier episodes in this series.
Series 5 - "The Cybersecurity Spiral of Failure: What It Is, and How to Break out of It" - Episode 23
24 september 2024 |
13 min
In this episode, JC Gaillard looks back at the dynamics of the "Cybersecurity Spiral of Failure" and the levers top executives can action to break out of it; this is the theme of his second book, released on Amazon in January 2024 and listeners can buy the book here
Series 5 - "The Way Forward with Cybersecurity Operating Models" - Episode 22
17 september 2024 |
10 min
In this episode, JC Gaillard looks back at the "What", the "How" and the "Who" of change around cybersecurity - as mentioned in episode 21 - and what it takes to build or rebuild a successful cybersecurity operating model; the 2021 Corix Partners white paper on the theme can be downloaded here
Series 5 - "Three Questions and a Reality Check around the Role of the Board with Cybersecurity" - Episode 21
10 september 2024 |
9 min
In this episode, JC Gaillard looks back at cybersecurity governance challenges in the light of a recent article from McKinsey and offers his views on the matter, echoing a number of topics already discussed in earlier episodes of the podcast; the McKinsey article can be found here; JC's original article on the theme can be found here
Series 5 - "Post-Quantum Cryptography: Why It Matters, and What to Do Now?" - Episode 20
3 september 2024 |
20 min
In this episode, JC Gaillard and guest Steven O'Sullivan from Cystel look at the challenges of post-quantum cryptography in the light of the release by the U.S. NIST of new standards in that space
Series 5 - "Teaching the Board to Talk to CISOs" - Episode 19
27 augusti 2024 |
7 min
In this episode, JC Gaillard revisits the issues at the heart of the interaction between the CISO and the Board and highlights why a sense of context is key to establishing meaningful exchanges around cybersecurity; read his original article on the theme here
Series 5 - "Cyber Resilience: Real New Practice or Just a Coat of Paint on Some Old Concepts?" - Episode 18
20 augusti 2024 |
8 min
Series 5 - "Using AI to Talk to the Board about Cyber: Clever Ploy or False Good Idea?" - Episode 17
12 augusti 2024 |
8 min
In this episode, JC Gaillard revisits the intersection between generative AI and cybersecurity, in a complement to the topics explored in episodes 6 and 12 in the first part of Series 5
Series 5 - "The CrowdStrike Outage Under the Spotlight: Cybersecurity Incident ? or Not?"" - Episode 16
5 augusti 2024 |
16 min
In this episode, JC Gaillard and Chris Burtenshaw from Strata Security look back at the recent Crowdstrike outage and analyse the first implications from the incident
Series 5 - "Cybersecurity: The Key Ingredient is Trust, not Money" - Episode 15
30 juli 2024 |
7 min
In this episode, JC Gaillard analyses a recent article from Hacker News and highlights his take on the 5 key questions CISOs should ask about their cybersecurity strategy; read his original article on the theme here
Series 5 - "The Misleading Messages of the Technology Industry around Cybersecurity" - Episode 14
6 juni 2024 |
9 min
In this episode, JC Gaillard looks back at the various messages at the heart of the storytelling of security vendors, and highlights why true independence is a rare but essential commodity in the cybersecurity world; read his original article on the theme here
Series 5 - "Knee-Jerk Reactions to Data Breaches are damaging the case for Cybersecurity" - Episode 13
30 maj 2024 |
8 min
In this episode, JC Gaillard goes back to the dynamics surrounding the procurement of cybersecurity tools and explains why cybersecurity transformation is not - and cannot be - about implementing yet another technology product; read his original article on the theme here
Series 5 - "Generative AI in Cybersecurity: Incremental or Disruptive Innovation?" - Episode 12
23 maj 2024 |
10 min
In this episode, JC Gaillard shares his - still evolving - views on the impact Generative AI can have on cybersecurity and reflects on how the situation have evolved (or not) since his first article on the theme back in 2018
Series 5 - "Large Enterprises Can’t Cope With More Cybersecurity Tools" - Episode 11
16 maj 2024 |
8 min
In this episode, JC Gaillard goes back to the topic of security tools proliferation discussed in previous series and highlights why it should be central to the role of the CISO to build a vision and a product strategy, and drive the decluttering of cybersecurity landscapes
Series 5 - "Leadership: The Real Secret Sauce for the CISO" - Episode 10
9 maj 2024 |
13 min
In this episode, JC Gaillard looks back at the role of the CISO, how it has evolved over the past two decades and where the priorities should be to drive real and lasting transformation around cybersecurity; read his interview on the theme here
Series 5 - "Time to Start Focusing on the Decluttering of the Cyber Security Toolkit Landscape" - Episode 9
2 maj 2024 |
12 min
In this episode, JC Gaillard looks back a the cybersecurity toolkit landscape and the issues already highlighted in earlier series of the podcast and put things in perspective around the need to declutter; read his interview on the theme here
Series 5 - "Why Are Security Vendors So Obsessed with Board Attention?" - Episode 8
25 april 2024 |
8 min
In this episode, JC Gaillard explores the relationship between cybersecurity vendors and Board oversight, why they appear to be so driven by it and where their arguments often appear to be flawed; read his article on the theme here
Series 5 - "A Look Back at the Role of the Board around Cybersecurity Oversight" - Episode 7
18 april 2024 |
10 min
Series 5 - "Generative AI and Cybersecurity: The Big Untold Problem" - Episode 6
11 april 2024 |
8 min
In this episode, JC Gaillard makes a rare foray in the field of Artificial Intelligence and generative AI and highlights what he sees as the big untold problem at the heart of many discussions on the theme; read his article on the theme here on Forbes
Series 5 - "From Threat to Risk: A "threat" is not a "risk" if you are well protected" - Episode 5
4 april 2024 |
9 min
In this episode, JC Gaillard talks around the concept of risk and the importance of using accurate and rigourous language around those aspects across the cybersecurity industry; read more about the approach he highlights in this whitepaper
Series 5 - "Looking Back at the Role of the Virtual CISO and the Reality of Small Firms" - Episode 4
27 mars 2024 |
8 min
In this episode, JC Gaillard looks back at the role of the virtual CISO and in particular why many small firms would often benefit from looking internally first, before jumping to externalised cybersecurity solutions; read his original article on the theme here
Series 5 - "Cybersecurity is Not Working: Time to Try Something Else" - Episode 3
21 mars 2024 |
10 min
In this episode, JC Gaillard continues his journey across cybersecurity governance matters, and in particular he goes back to the construction of the role of the CISO and why it is essential to put it back in its historical perspective; read his original article on the theme here
Series 5 - "Don’t Expect Cybersecurity to Work in Firms where Nothing Does" - Episode 2
14 mars 2024 |
8 min
In this episode, JC Gaillard continues to explore cybersecurity governance and in particular, why it is essential to place it in a broader corporate governance context; read his original article on the theme here
Series 5 - "Cybersecurity Governance, Compliance and Window-Dressing" - Episode 1
7 mars 2024 |
11 min
In this first episode of the series, JC Gaillard explores issues around cybersecurity governance and ownership and in particular, why cyber resilience needs clear accountability from the top; read his original article on the theme here
The UK Government "call for views" around a proposed "Cyber Governance Code of Practice" mentioned in the episode can be found here
Series 4 - Final Episode in the Series - "One Last Look at the Role of the Board around Cybersecurity" - Episode 24
26 oktober 2023 |
12 min
In this final episode of Series 4, JC Gaillard goes back to the role of the Board in relation to cybersecurity and clarifies a number of aspects from earlier episodes; read his original article on the theme here
Series 4 - "Cybersecurity, Cycles and Predictions" - Episode 23
19 oktober 2023 |
8 min
As we reach that time in the journalistic calendar where predictions for the year to come start to appear, JC Gaillard reflects on what it means for the cybersecurity industry and the real cycles over which it has been evolving
Series 4 - "Everybody is talking about Cyber Resilience, but what do they really mean?" - Episode 22
12 oktober 2023 |
12 min
In this episode, JC Gaillard explores the meaning of cyber resilience across the industry, why some many people use the term to mean so many different things and what can be done to harmonise the approach to the concept; read his original (2019) article on the theme here
Series 4 - "The Board needs to own cybersecurity in business terms, not in technology terms" - Episode 21
5 oktober 2023 |
12 min
In this episode, JC Gaillard goes back to the discussions in Episode 14 and 16 and continues to analyse the comments received in response to his earlier article around the failed role of the CISO; in this episode, more on the role of the Board and why it needs to own cybersecurity in business terms, not in technology terms.
Series 4 - "The Relationship between the CISO and the Board: What's Really Going On?" - Episode 20
28 september 2023 |
10 min
In this episode, JC Gaillard starts to explore the nature and the mechanics of the relationship between the CISO and the Board, in the light of two recent surveys and their conflicting headlines; References: The ComputerWeekly article mentioned in the episode can be found here; The InfoSecurityMag article can be found here; and the Proofpoint report "Cybersecurity: The 2023 Board Perspective" here
Series 4 - "The Cybersecurity Spiral of Failure" - Episode 19
21 september 2023 |
8 min
In this episode, JC Gaillard looks back at what has been happening in some large organisations around cybersecurity across the last two decades, and at the dynamics of what he has been calling the "cybersecurity spiral of failure"; read his original article on the theme here
Series 4 - "A Recruitment Perspective on the Role of the CISO" - with guest Owanate Bestman - Episode 18
14 september 2023 |
26 min
In this episode, JC Gaillard looks back at the role of the CISO in the light of discussions on the theme in the last few episodes, and takes a recruitment perspective on the role, its history and its evolution with guest and recruitmemnt specialist Owanate Bestman; some of JC's views on the topic can be found here; Owanate's profile can be found here
Series 4 - "Why are we still talking about the reporting line of the CISO?" - with guest Mark Segelov - Episode 17
7 september 2023 |
20 min
In this episode, JC Gaillard and guest Mark Segelov look back at the reporting line of the CISO, and why it is still a hot topic of discussion amongst cybersecurity professionals; JC's views on the topic can be found in those 2 pieces from 2017 and 2018, which are revisited in the podcast; Mark's Linkedin profile can be found here
Series 4 - "Is it time to accept that the role of the CISO may be failing? - part 2" - Episode 16
31 augusti 2023 |
13 min
In this episode, JC Gaillard goes back to the content of Episode 14 and explores a number of comments received on Linkedin around the associated article, and in particular, how the role of the CSO needs to be conceived and positioned, and the importance of a structured cybersecurity operating model
Series 4 - "The Key Ingredients of a Successful GRC Programme" - Episode 15
24 augusti 2023 |
7 min
In this episode, JC Gaillard looks back at IT GRC programmes, why they often fail, and why integration of business threats, technology risks, controls and protective measures is key to success; read his original article on the theme here.
Series 4 - "Is it time to accept that the role of the CISO may be failing?" - Episode 14
17 augusti 2023 |
9 min
In this episode, JC Gaillard revisits earlier discussions around the role of the CISO, highlighting issues with the historical construction of the role and why a CSO role may be the way forward in some firms; read his original article on the theme here
Series 4 - "From Vendor Risk to Supply Chain Risk - Part 2" - with guest Richard Preece - Episode 13
10 augusti 2023 |
20 min
In this episode, JC Gaillard and Richard Preece continue their exchanges initiated in Episode 6 of this series around supply chain risk and comment on the outcome of the Security Transformation Research Foundation meeting in late June
Series 4 - "The Cybersecurity Numbers Game is a Dangerous One for CISOs" - Episode 12
3 augusti 2023 |
8 min
In this episode, JC Gaillard revisits two apparently conflicting vendor surveys and explores how playing the cybersecurity numbers game can leave CISOs weakened and exposed; read his original article on the theme here
Series 4 - "A Reality Check Around Cybersecurity Benchmarking" - Episode 11
27 juli 2023 |
8 min
In this episode, JC Gaillard looks at the challenges involved with cybersecurity benchmarking, and why the CISOs need to be careful when answering what could be a politically loaded question
Series 4 - "The Momentum Building Behind the Role of the CSO" - Episode 10
20 juli 2023 |
8 min
In this episode, JC Gaillard explores the momentum behind the role of the Chief Security Officer and why it starts to make sense in many firms to evolve the role of the CISO and return it to its native technical content
Series 4 - "Creating Transformational Dynamics around Cybersecurity" - Episode 9
13 juli 2023 |
8 min
Series 4 - "The CISO and the Board" - Episode 8
6 juli 2023 |
8 min
In this episode, JC Gaillard looks back at a recent survey from IANS Research and questions whether you should really expect your current CISO to sit on the Board; read his original article on the theme here
Series 4 - "Dispelling Some Myths around Cybersecurity for Small Businesses" - Episode 7
29 juni 2023 |
9 min
In this episode, JC Gaillard addresses the challenges of cybersecurity for small and mid-size businesses and in particular how a number of misconceptions still lead to the adverse prioritisation of security matters and protective measures; read his original article on the theme here
Series 4 - "From Vendor Risk to Supply Chain Risk" - with guest Richard Preece - Episode 6
22 juni 2023 |
12 min
In this episode, JC Gaillard and guest Richard Preece start exploring the various dimensions involved in managing supply chain risk, what it means for businesses, and how it differs from traditional vendor risk.
Series 4 - "There Are Just Too Many Security Tools and Products" - Episode 5
15 juni 2023 |
8 min
In this episode, JC Gaillard looks back at the state of the cybersecurity industry and analyzes possible reasons behind the proliferation of security tools and services, and the problems it creates for large organizations; read his original article on the theme here
Series 4 - "The When-Not-If Paradigm: Blessing or Curse for the CISO?" - Episode 4
8 juni 2023 |
9 min
In this episode, JC Gaillard goes back to the "when-not-if" paradigm around cyber attacks, which he mentioned in previous episodes, and explores its impact for the CISO; read his original article on the theme here
Series 4 - "What's going on with CISOs and their budgets?" - Episode 3
1 juni 2023 |
9 min
In this third episode of our fourth series, JC Gaillard looks back at cybersecurity budgets and analyzes the reasons behind the considerable underspent highlighted by a recent survey; read his original article on the theme here
Series 4 - "Zero-Trust is not about Zero; it's about Trust" - Episode 2
25 maj 2023 |
9 min
JC Gaillard looks back at a number of aspects involving zero-trust technology and why putting technology first is probably the biggest mistake you can make in that space; read his original article on the theme here
Series 4 - "Time to Go Back to Basics with Cyber Security" - Episode 1
18 maj 2023 |
9 min
Welcome to the 1st episode of our 4th Series - JC Gaillard starts to look back at the various topics that have been catching his eye since the end of the previous series: In this episode, why it is key to look beyond the hype on a number of tech matters and refocus our approach to cyber security on key concepts; read his original article on the theme here
Series 3 - "Process and People first, then Technology" - Episode 24
18 oktober 2022 |
8 min
JC Gaillard reaches the final episode in this third series of the Corix Partners Cyber Security Transformation Podcast, and revisits a few key aspects highlighted throughout the series, in particular the importance of the "Process and People first, then Technology" principle
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 23
11 oktober 2022 |
10 min
JC Gaillard continues to analyze the way the various aspects highlighted in earlier episodes of the Series are interlinked; in this episode, he goes back to the "when-not-if" paradigm around cyber attacks and why tactical and strategic execution is paramount for the new CISO
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 22
4 oktober 2022 |
13 min
JC Gaillard reaches the final episodes in this Series and starts to look at how the various aspects highlighted in earlier episodes are interlinked; in this episode, the key traits senior execs and Board members need to focus on when hiring a new CISO
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 21
27 september 2022 |
13 min
JC Gaillard looks at the way the cyber security agenda needs to be framed at Board level, to enable the best positioning of the role and profile of the new CISO ahead of the "First 100 Days"
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 20
20 september 2022 |
10 min
JC Gaillard digs into the concept and definition of a Security Operating Model, why it needs to underpin the "First 100 Days of the New CISO", and why "Process and People first, then Technology" has to be the main guiding principle here
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 19
13 september 2022 |
12 min
JC Gaillard continues exploring a few specific topics surrounding the "First 100 Days of the New CISO"; in this episode, the reporting line of the CISO, why it matters and how to determine which would work best
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 18
5 september 2022 |
9 min
As part of his continuing exploration of the "First 100 Days of the New CISO", JC Gaillard looks into the profile of the CISO and why management experience is of paramount importance, over and above technical knowledge.
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 17
30 augusti 2022 |
11 min
JC Gaillard continues exploring the topics surrounding the "First 100 Days of the New CISO"; in this episode, he dives into the aspects surrounding the tenure of the CISO and why it is key to driving security transformation
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 16 - with guest Neil Cordell
23 augusti 2022 |
26 min
JC Gaillard is joined by Head of Cyber and Information Security at Swansea University Neil Cordell, to discuss his real-life experience of taking up a new CISO position in the midst of the Covid pandemic, and the lessons that can be learnt about bringing all stakeholders on board the cyber security transformation journey
Neil's details can be found here on Linkedin >> https://www.linkedin.com/in/neilcordell/
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 15
16 augusti 2022 |
11 min
JC Gaillard reaches the end of his exploration of the "First 100 Days of the New CISO" and before moving on to a number of episodes with guests on the theme, he digs into "expectations vs. reality" and explores the root causes of the disconnect which may exist between what the CISO finds on arrival and what they were sold at interview time
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 14
9 augusti 2022 |
12 min
JC Gaillard continues its exploration of the "First 100 Days of the New CISO" with an analysis on how tactical firefighting and the unavoidable handling of cybersecurity incidents must not be seen just as a "curse" throughout the first 100 days, but can be used to build up trust with stakeholders
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 13
2 augusti 2022 |
10 min
JC Gaillard reaches the end of the "6 days-6 weeks-6 months" cycle he explored around "The First 100 Days of the New CISO", and looks at what happens next, and how CISOs can continue to drive change
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 12
26 juli 2022 |
15 min
JC Gaillard reaches the "6 months" part of his journey throughout the "First 100 Days of the New CISO"; in this episode, how to build an execution framework to support the strategic vision defined earlier, and why governance is key at this stage to support lasting change
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 11
19 juli 2022 |
15 min
JC Gaillard continues developing his "6 days - 6 weeks - 6 months" model, framing the first 100 days of the new CISO; in this episode, the six weeks horizon, and how to continue building a strategic framework addressing the key challenges of the new CISO role
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 10
12 juli 2022 |
14 min
JC Gaillard continues to look back at his 2017-2018 series of articles about "The First 100 Days of the New CISO"; in this episode, he looks into the challenges of the first week, and why it is key to understand the firm, its people and its culture from the start
Series 3 - Looking back at "The First 100 Days of the New CISO" - Episode 9
5 juli 2022 |
10 min
We enter the second part of our third series and JC Gaillard starts exploring and revisiting his 2017-2018 series of articles entitled "The First 100 Days of the New CISO"; in this episode, why context is key and how to assess it, looking in turn at the profile of the person, the nature of the role and the maturity of the firm
Series 3 - Looking back at "The CIO Guide to a Successful Cyber Security Practice" - Episode 8
28 juni 2022 |
9 min
JC Gaillard reaches the final part in the re-examination of his 2015 series titled "The CIO Guide to a Successful Cyber Security Practice"; in this episode, why it is key to think in terms of process first when architecting a cyber security practice, and not in terms of technical tools
Series 3 - Looking back at "The CIO Guide to a Successful Cyber Security Practice" - Episode 7
21 juni 2022 |
12 min
JC Gaillard reaches the 7th key management pitfall to avoid in his re-assessment of his 2015 series of articles entitled "The CIO Guide to a Successful Cyber Security Practice"; in this episode, why it is key to look at cyber security as a structured practice, and not just a collection of tactical activities and technical projects
Series 3 - Looking back at "The CIO Guide to a Successful Cyber Security Practice" - Episode 6
14 juni 2022 |
11 min
JC Gaillard reaches a key point in his journey through the 8 key management pitfalls for CIOs and CTOs to avoid when building or rebuilding cyber security practices; in this episode, why it is key to see cyber security not just as a technology discipline, and to build it as a cross-silo practice from the start
Series 3 - Looking back at "The CIO Guide to a Successful Cyber Security Practice - Episode 5
7 juni 2022 |
12 min
JC Gaillard moves onto his 5th key management pitfall to avoid when building or rebuilding effective and efficient cyber security practices; in this episode, why it is key to think in terms of operating model and work with all stakeholders including HR, in the definition and distribution of cyber security accountabilities and responsibilities
Series 3 - Looking back at "The CIO Guide to a Successful Cyber Security Practice" - Episode 4
31 maj 2022 |
11 min
JC Gaillard continues his re-examination of his 2015 series of articles titled "The CIO Guide to a Successful Cyber Security Practice"; in this episode, why it is key to look beyond the short term and think in terms of process to drive effective and lasting change
Series 3 - Looking back at "The CIO Guide to a Successful Cyber Security Practice" - Episode 3
24 maj 2022 |
12 min
JC Gaillard continues exploring and updating his 2015 series on the "CIO Guide to a Successful Cyber Security Practice"; in this episode, why throwing money at the problem is rarely the solution to maturity development around cyber security and why trust is paramount in the relation between the CISO and senior execs
Series 3 - Looking back at "The CIO Guide to a Successful Cyber Security Practice" - Episode 2
17 maj 2022 |
12 min
JC Gaillard continues to look back at his 2015 articles series "The CIO Giude to a Successful Cyber Security Practice" and highlights why risk management alone can no longer be the beating heart of cyber security practices
Series 3 - Looking back at "The CIO Guide to a Successful Cyber Security Practice" - Episode 1
10 maj 2022 |
12 min
JC Gaillard looks back at his 2015 series of articles published on the Corix Partners blog under the title of "The CIO Guide to a Successful Cyber Security Practice"; in this episode, he re-examines the first pitfall to avoid for CIOs and why cyber security cannot just be seen as an "enabler"
Series 2 - Episode 15 - A Look Back at the log4j Incident - with guest Chris Burtenshaw
3 februari 2022 |
17 min
JC Gaillard is joined by Chris Burtenshaw from Strata Security to discuss how the log4j incident unfolded and was handled, and the lessons that can be learnt from the pas few months
Series 2 - Episode 14 - Where are we now with GDPR? - with guest Cristina Contero
11 januari 2022 |
16 min
JC Gaillard is joined by Cristina Contero from Aphaia to follow up on earlier podcasts episodes on GDPR and review what has changed over the past 6 to 8 months since our last podcast on the theme with Bostjan Makarovic
Series 2 - Episode 13 - A Look Back at Cyber Security in 2021 - with guest Steve Lamb
30 december 2021 |
18 min
JC Gaillard is joined again by guest Steve Lamb, who animated the launch of the first series of the podcast last year; together they look back at the drivers that have shaped cyber security throughout 2021, and more generally throughout the COVID pandemic
Series 2 - Episode 11 - Cyber Security, the CISO and the CIO: Seeing it From Both Sides of the Fence - with guest Natasha McCabe
30 september 2021 |
18 min
JC Gaillard is joined by Natasha McCabe to discuss the leadership lessons which can be learned from having held both CISO and CIO roles, and having seen cyber security from the two sides of the fence
Series 2 - Episode 10 - Oscar O'Connor and JC Gaillard on Security Transformation, Covid-19, People and Trust
12 augusti 2021 |
30 min
JC Gaillard is joined by Oscar O'Connor to discuss "Playing the Triangles", his latest piece on the Corix Partners blog: A reflection on business and security transformation dynamics in the post-covid era
Series 2 - Episode 9 - Looking Back at the Cyber Security Skills Gap: Real Problem or Self-inflicted Pain? - with guest Rayna Stamboliyska
20 juli 2021 |
39 min
JC Gaillard is joined by Rayna Stamboliyska to look back at the cyber security skills back, its implications and how to address it through better talent management, clearer career paths and a greater emphasis on diversity
Series 2 - Episode 8 - The Impact of the COVID Pandemic on Cyber Insurance: What has changed and what to expect? - with guest Hani Banayoti
6 juli 2021 |
19 min
JC Gaillard is joined with Hani Banayoti from CyberSolace to explore the impact the COVID-19 pandemic has had on the cyber insurance sector and what can be expected going forward in terms of new dynamics
Series 2 - Episode 7 - Cyber Security Career Paths: How do you bridge between security roles and IT management roles? - with guest Alexa Glynn
15 juni 2021 |
13 min
JC Gaillard is joined by Alexa Glynn, from Rabobank Australia & New Zealand, to discuss how you transition from security roles into IT management roles and why security professionals don't have to feel condemned to hopping between security jobs
Series 2 - Episode 6 - GDPR and the Schrems II ruling: Where are we now around data transfers between the EU and the US? - with guest Bostjan Makarovic
25 maj 2021 |
16 min
JC Gaillard is joined again by guest Bostjan Makarovic from Aphaia to discuss the impact of the Schrems II ruling on GDPR compliance and data transfers between the EU and the US
Series 2 - Episode 5 - IT Security vs. OT Security: What's the state of play? - with guest Steven O'Sullivan
20 april 2021 |
12 min
JC Gaillard is joined by cyber security expert Steven O'Sullivan to explore the issues surrounding IT and OT convergence and their implications for cyber security at large across industry sectors
Series 2 - Episode 4 - Observability: What does it really mean for cyber security? - with guest Chris Burtenshaw
30 mars 2021 |
11 min
JC Gaillard is joined by Chris Burtenshaw from Strata Security; together they explore the meaning of observability in the cyber security space: Is it just hype over substance? or is there more to it than meet the eye?
Series 2 - Episode 3 - Where are we now with GDPR? - with guest Bostjan Makarovic
9 mars 2021 |
19 min
JC Gaillard is joined by Bostjan Makarovic from Aphaia for a great discussion on GDPR, the size of fine and role of regulators, the risk of irrelevance they may face if they keep things imbalanced, and the impact of the Schrems II ruling
Series 2 - Episode 2 - Resilience: What Does It Really Mean in Business Terms? - with guest Nick Simms
25 februari 2021 |
16 min
JC Gaillard is joined by experienced operational resilience consultant Nick Simms to explore what resilience really means in business terms and where cyber resilience needs to fit within a broader business resilience framework
Series 2 - Episode 1 - How to Frame the Cyber Security Conversation at Board Level? - with guest Richard Preece
16 februari 2021 |
16 min
JC Gaillard is joined by Richard Preece, director of DA Resilience, to explore how best to frame the conversation at Board level around cyber security in order to engineer effective and efficient engagement and top-down dynamics
What did we learn about cyber in the crazy year that was 2020?
11 december 2020 |
17 min
.By any account the last year has been crazy. So much had to change so quickly and that included cyber security. In this episode we discuss the key lessons learned about security and privacy.
Digital transformation - is the role of the CISO becoming an outdated concept?
27 november 2020 |
10 min
COVID has led many organizations to rush their provision or remote access to their employees and many have accelerated their digital transformation programmed. We discuss the role of the CISO in this context.
Ransomware: Why is defense in depth so important?
20 november 2020 |
10 min
We discuss a recent survey that reveals the continued prevalence of ransomware and the shocking amount that organizations typically pay. We talk about how to protect organizations from becoming victims
How to embed security and privacy on the board agenda?
13 november 2020 |
10 min
In this episode we discuss the need for top down engagement by the board to bring life into the to security and privacy strategy of their organisation. We look at the importance of embedding these important considerations into the Environmental, Social and Governance (ESG).
GDPR - when are the regulators going to show their muscles?
6 november 2020 |
13 min
Following the recent announcement from the ICO of significantly reduced fines for BA and Marriott the question has to be asked "Where are the landmark cases of fines in the order of 4% of revenue for huge scale breaches?". Clearly during the pandemic the travel and hospitality industries are under great financial strain but since GDPR came in over two years ago there haven't been any fines that have been anywhere near the expected magnitude.
From Cyber Security Awareness to Genuine Cultural Change: What do you need to make this work?
22 oktober 2020 |
15 min
.We’re joined by Zsuzsanna Berenyi from the London Stock Exchange Group who shares her experience on how to drive cultural change to embed security awareness into organizations.
Where are we with Cyber Insurance?
16 oktober 2020 |
24 min
In this episode we are joined by Hani Banayoti ([email protected]) from Cyber Solace to discuss the ways in which the cyber insurance market has changed over the last ten years. We look at the drivers towards organisations choosing to pay for cyber insurance, it's role in helping them keep the lights on if they are breached and the trends with regard to ransomware and GDPR.
Why it’s important for CISOs not to get lost firefighting
9 oktober 2020 |
12 min
Incoming CISOs clearly have to identify and put out fires. In this episode we discuss why many CISOs get stuck in this phase. We look at ways to enable transformative change.
Why should security and privacy be included in the MVP of startups
2 oktober 2020 |
12 min
We discuss why it’s important to think carefully about how to ensure the Minimum Viable Product (MVP) software written by startups pays attention to the requirements of privacy and security
How to address the proliferation of security tools
25 september 2020 |
15 min
Chris Burtenshaw, CEO of Strata Security joins us to discuss how many organizations have far too many security products and how to address the complexity and management overhead they often bring.
Cyber security skills gap - what skills gap?
11 september 2020 |
11 min
We discuss the extent to which there are opportunities in the cyber industry and how to encourage people to join
Where are we with GDPR?
4 september 2020 |
14 min
Given the financial strain caused by COVID-19 which has been especially severe on the hospitality and airline sectors the likelihood of large fines being imposed on Marriot and BA looks low - what does this mean for compliance?
Is it the right time to adopt Zero Trust Networking?
13 augusti 2020 |
10 min
Zero Trust Networking promises much and is being touted extensively... how much sense does it make at the moment?
Ransomware - key elements to bear in mind and how to respond
7 augusti 2020 |
11 min
The threat to business continuity posed by malicious actors using ransomware isn’t new but it’s causing pain to many. The most recent high profile attack was on Garmin - a company Steve relies upon to help with his marathon training
The importance of data privacy
24 juli 2020 |
10 min
I’m this episode we discuss the need for privacy to be carefully considered and for appropriate controls to be applied together with the challenges for GDPR regulators in light of the COVID pandemic.
Does the role of the "Virtual CISO" make any sense
17 juli 2020 |
11 min
Faced by constant reports of cyber-attacks in the media, most small and medium-size organisations have woken up to the reality of cyber threats over the past few years.
Many still don’t really know what to do to protect themselves and turn to “virtual CISO” services for assistance.
While this is better than doing nothing or relying blindly on the security of cloud providers, those externalised, part-time services – often delivered remotely – are rarely the magic bullet they pretend to be…
The hard truth around cyber security awareness programmes
10 juli 2020 |
10 min
In this episode we discuss how to bring constructive change by culture and top down leadership
The tenure of CISOs
3 juli 2020 |
10 min
We discuss the likely reasons for the trend towards CISOs having short tenure
Ensuring security and privacy for bespoke software
26 juni 2020 |
10 min
We discuss the challenges of ensuring that code that’s written either in-house or commissioned from a third party follows the Security Development Life Cycle
Episode 1
19 juni 2020 |
12 min
This is the first in a series of Cyber Security Transformation Podcasts. Each week JC and Steve will discuss the interesting cyber next stories and our own experiences with clients.
Jean Christophe Gaillard
M: +44 (0)7733 001 530
https://twitter.com/@Corix_JC
Steve Lamb
M: +44 (0)75 0800 8864
https://twitter.com/actionlamb
00:00
-00:00
En liten tjänst av I'm With Friends. Finns även på engelska.