Forrester Research releases a few annual reoccurring cybersecurity reports, but one of the biggest that covers the most ground is the Security Risk Planning Guide, which was recently released for 2024. One of the report's 17 authors, and research director, Merritt Maxim, will walk us through the report's most interesting insights and highlights. This is going to be considerably interesting considering some of this year's trends impacting security teams:

• An economic downturn, resulting in layoffs and budget freezes
• The widespread proliferation of generative AI technology
• The relentless and resilient nature of cybercrime, despite some notable law enforcement wins
• Ongoing discussion about the role and relevance of SOCs, CISO's, as well as the security department place in today's enterprise
• Increased enterprise reliance on SaaS and Cloud, as vendors and service providers continue to struggle with securing their products and services

If you've ever played Dungeons & Dragons, you probably know that the quality of the experience depends on how prepared, experienced, and talented the Dungeon Master is.

Today, we'll talk to InfoSec DM and practitioner extraordinaire Ryan Fried about some of the key elements that separate a good cybersecurity tabletop exercise from a bad one! This is literally his day job at Mandiant, and it doesn't hurt to have one of the world's largest libraries of attacker TTPs and the collective lessons learned from thousands of actual incident response experiences.

This week we talk about finding, acquisitions and the state of the market. If you're interested in cybersecurity market discussion, this is the episode for you.

We also discuss what makes a cybersecurity influencer.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/esw-332