CISO Tradecraft®

#141 - Emerging Risks (with The Chertoff Group)

Listen Later

On this episode, David London and Adam Isles from the Chertoff Group stop by to discuss emerging risk topics such as AI, Supply Chain Attacks, and the new SEC regulations. Stick around and learn the tradecraft to better protect your company.

Special Thanks to our Sponsors:

  • The Chertoff Group: https://www.chertoffgroup.com.Note you can read more about their thoughts on AI here: https://www.chertoffgroup.com/managing-ai-risks/
  • Prelude: https://www.preludesecurity.com/
  • CPrime: At work, bridging the gap between risk management, IT security, and departments like finance, product, and development can be daunting. Enter Cprime, specializing in harmonious integration through secure code training, DevSecOps implementation, and
    • zero trust practices. We streamline, optimize, and drive innovation, empowering continuous security ops. Transform risk management at Cprime.com/train and use code 'cprimepod' for 15% off training. Unleash potential with us!

    Transcripts: https://docs.google.com/document/d/1tW0kOYCURXgRF-z7UqeQGga0zAkwGuZ9/

    Chapters

    • 00:00 Introduction
  • 02:33 The SEC's Final Rule on Cybersecurity Disclosure
  • 05:29 What is a Material Incident?
  • 07:13 The Commission's Final Rule on Board Engagement in Cybersecurity Risk
  • 10:03 The Four Day Rule for Incident Reporting
  • 12:46 The Implications of the New Role of the CISO
  • 15:46 The Ticking Clock on Disclosure
  • 18:31 SolarWinds and the Software Chain Security Exposure
  • 19:53 The Role of the Software Bill of Materials (SBOM) in the Software Supply Chain Security Challenges
  • 21:29 The Rise of the SBOM
  • 23:16 The Rise of Expectations in the U.S. Government
  • 25:02 The Future of Software Security
  • 27:22 The Progress of the CMMC Program
  • 29:59 The SEC Disclosure Requirements: What to Expect From Your Board
  • 31:57 How to Reduce Complexity in Your Software Development Lifecycle
  • 34:05 How AI is Impacting Our Business and Cyber
  • 37:32 How to Measure and Manage Cyber Risks Effectively
  • 39:57 The SEC's Final Rule on Disclosure
    • ...more
    View all episodesView all episodes
    Download on the App Store
    CISO Tradecraft®By CISO Tradecraft®
    • 4.8
    • 4.8
    • 4.8
    • 4.8
    • 4.8

    4.8

    48 ratings

    More shows like CISO Tradecraft®

    View all
    Security Now (Audio) by TWiT

    Security Now (Audio)

    1,983 Listeners

    Risky Business by Patrick Gray

    Risky Business

    364 Listeners

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

    640 Listeners

    Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

    Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

    369 Listeners

    CyberWire Daily by N2K Networks

    CyberWire Daily

    1,017 Listeners

    Smashing Security by Graham Cluley

    Smashing Security

    316 Listeners

    Click Here by Recorded Future News

    Click Here

    408 Listeners

    Darknet Diaries by Jack Rhysider

    Darknet Diaries

    7,952 Listeners

    Cybersecurity Today by Jim Love

    Cybersecurity Today

    164 Listeners

    CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

    CISO Series Podcast

    189 Listeners

    Hacking Humans by N2K Networks

    Hacking Humans

    312 Listeners

    Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

    Defense in Depth

    76 Listeners

    Cyber Security Headlines by CISO Series

    Cyber Security Headlines

    128 Listeners

    Risky Bulletin by risky.biz

    Risky Bulletin

    43 Listeners

    The Pragmatic Engineer by Gergely Orosz

    The Pragmatic Engineer

    62 Listeners