This episode of the Blue Dragon podcast features Jason Brown, a seasoned cybersecurity leader, former CISO/vCISO, and author, discussing his book, "Unveiling NIST Cybersecurity Framework 2.0". The conversation centers on the NIST CSF 2.0, emphasizing the critical addition of the "Govern" function. Jason frames the CSF as an excellent introductory framework for building a cybersecurity program, often used in conjunction with the Center for Internet Security (CIS) controls. A key theme is moving cybersecurity beyond a technical "IT problem" and a "checkbox exercise" to a strategic business value driver that builds trust and unlocks revenue. Both speakers highlight the growing global focus on supply chain security (NIST CSF, NIS2, DORA) and the rising personal liability and accountability for CISOs and executives in the US and Europe. The discussion concludes with a deep dive into the importance of a well-structured three-layered documentation approach (Policy, Standard, and Procedure) and a formalized document lifecycle to maintain organizational security maturity.

LINKS

➰ https://bluedragonpodcast.com

➰ linkedin.com/in/jasonbrown17

➰ [email protected]

➰ https://jasonbrown.us

➰ Book: bit.ly/Unveiling-NIST

CHAPTERS

(00:00:00) 00:00:00 Introduction (Guest: Jason Brown, Author)

(00:03:39) Guest Background & Path to Writing NIST CSF 2.0 Book

(00:05:20) Core of NIST CSF 2.0: The addition of the 'Govern' function

(00:06:34) Primary Driver for CSF 2.0: Supply Chain Governance

(00:08:05) CSF's Role: An introductory framework, often paired with CIS Controls

(00:09:21) Security as a Value Driver: Moving past compliance for revenue and trust

(00:11:48) CISO's Role: Building relationships for program and financial support

(00:14:00) Common Mistakes: Failing to assess gaps or focus on the 'how'

(00:15:48) Overview of the Six CSF Functions (Govern, Identify, Protect, Detect, Respond, Recover)

(00:17:43) Prioritizing Governance: It is the hardest step due to changing people

(00:19:32) Overcoming Governance Hurdles: Dialogue with Executive Leadership Teams (ELT)

(00:21:20) Executive Accountability: Personal liability and fines (US SEC, EU NIS2)

(00:25:54) Communicating Value: Use Enterprise Risk instead of technical jargon

(00:27:53) Security as a Business Problem: Not just an IT problem (Jaguar example)

(00:30:41) Engaging Leaders: Involving department heads in identifying critical assets (ID.BE)

(00:32:19) Future CSF Evolution: Expected integration of AI and emerging technologies

(00:33:36) Three-Layered Documentation: Policy (what), Standard (guidelines), Procedure (how-to)

(00:37:05) The Open Policy Framework: Jason's structured documentation approach

(00:38:02) Document Lifecycle: Annual review prevents reliance on outdated, breakable standards

(00:40:04) Personal Updates: Break from writing for family time

(00:40:29) Automotive Industry Security: Brief mention of OT concerns

KEYPOINTS

1. NIST CSF 2.0's "Govern" function is key for a complete cyber program; it is the most critical starting point due to the challenge of changing people.

2. Cybersecurity must be framed as a business value driver and revenue generator, moving past a simple compliance checklist mentality.

3. The CISO's role is strategic: acting as a business enabler by communicating security needs via enterprise risk to the ELT.

4. Global regulations (NIS2, SEC) are increasing personal liability for executives, making robust governance mandatory, not optional.

5. A strong governance structure uses three distinct layers: Policy (public commitment), Standard (confidential guidelines), and Procedure (technical configuration).

6. Security documents must have a formal lifecycle with annual reviews to ensure standards remain current and effective against threats.

LINKS➰ BlueDragon Podcast website: https://bluedragonpodcast.com➰ Book: https://tinyurl.com/CISO-guide➰ Website: ⁠https://TrustedCISO.com⁠ ➰ CISO Guide to Cyber Resilience Book: ⁠https://amzn.to/3Vt1g0o➰ LinkedIn: https://www.linkedin.com/in/debrabakernc➰ TrustedCISO Newsletter: https://bit.ly/TrustedCISO-NewsLetter➰ CISO Guide Course on Udemy: https://bit.ly/ciso-guide-udemy➰ Advanced CISO Guide Course on Udemy: https://bit.ly/advanced-ciso-guide➰ Download the Free Roadmap: ⁠https://bit.ly/CISO-Roadmap⁠➰ YouTube: https://YouTube.com/@TrustedCISO➰ Linktree: ⁠https://linktr.ee/debrabaker

SUMMARY

In this episode of the Blue Dragon podcast, Jetro interviews cybersecurity expert Debra Baker, who shares her extensive experience in the field.

They discuss the evolving role of the CISO, the importance of cyber resilience, and the principles that remain true over time.

Debra emphasizes the need for organizations to prepare for cyber attacks and recover quickly, highlighting the significance of good backups and incident response plans.

The conversation also covers the differences between SOC 2 and ISO 27001 certifications, the role of vCISOs, and the growing importance of supply chain security and operational technology security.

Debra provides valuable insights on building effective cybersecurity teams and influencing organizational culture to prioritize security awareness.

CHAPTERS

(00:00:00) INTRO

(00:00:37) Introduction to Cybersecurity and Cyber Resilience

(00:01:56) Understanding Cyber Resilience

(00:04:10) Principles of Cyber Resilience

(00:06:59) Evolution of Cybersecurity Practices

(00:08:42) Experiencing Cyber Attacks

(00:11:29) Advice for Small Teams

(00:13:28) The Limitations of Certifications

(00:17:43) SOC 2 vs. ISO 27001

(00:21:39) Building an Effective Cybersecurity Team

(00:25:26) The Role of a vCISO

(00:26:50) Operational Strategies and Day-to-Day Management

(00:30:12) Navigating Supply Chain Security

(00:32:49) The Rise of OT Security

(00:34:57) Balancing Technical Knowledge and Business Acumen

(00:39:09) Cultivating a Security-Conscious Culture

(00:43:18) The Evolving Role of the CISO and Market Trends

In this episode of the Blue Dragon podcast, I interview Purav Desai, a dual Microsoft MVP recognized for his contributions in the fields of SIEM, XDR, and Microsoft Purview compliance.

We discuss Purav's journey to becoming an MVP, his role as an incident responder, and the strategic importance of Microsoft Purview in governance and compliance.

The conversation also covers the significance of eDiscovery in legal preparedness, common misconceptions about Microsoft security, and the implementation of data classification policies.

Purav shares insights on how organizations can start their journey in Microsoft security and the evolution of data protection in collaborative tools like Teams.

In this conversation, Purav discusses the balance between automation and human oversight in cybersecurity, emphasizing the importance of understanding processes before automating them.

He shares a real-world incident response case that highlights the need for authority and trust in managing security incidents.

The discussion also covers the emerging threat of insider risks, particularly in light of layoffs, and how organizations can leverage Microsoft tools to mitigate these risks.

Finally, Purav reflects on the choice between adopting a single ecosystem versus a best-of-breed approach in security solutions, and shares his future aspirations in the cybersecurity field.

LINKS

➰ BlueDragon: bluedragonpodcast.com

➰ Purav Desai's LinkedIn: https://www.linkedin.com/in/purav-da346393/

➰ Purav Desai's Github: https://github.com/PuravsPoint

➰ Purav Desai's DecipheringUAL series: https://github.com/PuravsPoint/DecipheringUAL

CHAPTERS

(00:00:00) INTRO

(00:00:30) Introduction to Purav Desai and His Achievements

(00:03:49) Journey to Becoming a Dual Microsoft MVP

(00:06:25) Role of an M365/Azure Incident Responder

(00:09:04) Understanding Microsoft Purview Compliance and Governance

(00:12:32) eDiscovery and Legal Preparedness

(00:15:24) Common Misconceptions About Microsoft Purview

(00:17:54) Implementing Data Classification Policies

(00:22:54) The Evolution of Data Protection in Teams

(00:26:32) Starting with Microsoft Security for Mid-Sized Organizations

(00:30:04) Mature Endpoint Detection and Response Strategies

(00:32:28) Balancing Automation and Human Oversight

(00:38:09) Real-World Incident Response Lessons

(00:46:10) Navigating European Regulations and Insider Threats

(00:51:55) Ecosystem Choices: Best of Breed vs. All-in-One

(00:55:51) Future Aspirations and Community Contributions

(00:59:36) OUTRO

In this episode of the Blue Dragon podcast, I interview Johnny Hooyberghs, an expert in quantum computing and author of 'Introducing Microsoft Quantum Computing for Developers.'

We discuss Johnny's journey into quantum computing, the importance of this technology for businesses, and its current state of development.

Johnny explains the potential applications of quantum computing in various industries, the risks it poses to cybersecurity, and how companies can prepare for its future.

The conversation also touches on the exciting possibilities of combining quantum computing with AI, and the ongoing efforts in Europe to advance quantum research.

LINKS

➰bluedragonpodcast.com

➰linkedin.com/in/johnnyhooyberghs

➰⁠www.involved.be

➰⁠quantumcircle.eu

➰⁠bit.ly/QuaCompute

CHAPTERS

(00:00:00) Introduction to Quantum Computing and Johnny's Journey

(00:03:58) The Importance of Quantum Computing for Businesses

(00:06:59) Current State of Quantum Computing Technology

(00:10:02) Real-World Applications and Business Cases

(00:12:55) Preparing for Quantum Computing in Industries

(00:17:38) Quantum Computing and Cybersecurity Risks

(00:20:45) The Future of Quantum Computing and AI

(00:23:36) Conclusion and Future Outlook

In this episode Jetro interviews Michael Ratemo, a cybersecurity expert and author, discussing his journey from Kenya to becoming a cloud and security leader.

They explore essential topics such as cloud governance, identity and access management, the importance of cloud auditing, and cost management in cloud environments.

Michael emphasizes the need for a business case before moving to the cloud, the significance of training for IT teams transitioning to cloud operations, and the role of Cloud Security Posture Management (CSPM) in maintaining security. The conversation highlights the dynamic nature of cloud environments and the necessity for continuous monitoring and auditing to ensure security and cost-effectiveness.

In this conversation, Michael Ratemo and Jetro discuss the critical aspects of managing cloud operations and cybersecurity.

They emphasize the importance of financial discipline in cloud usage, the necessity of a robust cybersecurity program, and the need to view cybersecurity as a business risk rather than just an IT issue.

They also explore the concept of cyber resilience and how organizations can prepare for and respond to incidents.

Finally, they touch on future trends in cybersecurity, particularly the integration of AI and secure development practices.

LINKS

➰bluedragonpodcast.com⁠

➰⁠https://www.linkedin.com/in/michael-ratemo

➰⁠https://www.cybersecuritysimplified.com

CHAPTERS

(00:00:00) INTRO

(00:00:35) Introduction to Michael Ratemo

(00:06:57) Michael's Journey into Cybersecurity

(00:11:54) Cloud Security Governance Essentials

(00:18:10) Identity and Access Management in the Cloud

(00:24:41) The Importance of Cloud Auditing

(00:27:45) Cost Management in Cloud Environments

(00:29:05) Financial Discipline in Cloud Operations

(00:32:44) Building a Robust Cybersecurity Program

(00:41:42) Cybersecurity as a Business Risk

(00:46:58) The Importance of Cyber Resilience

(00:51:40) Future Trends in Cybersecurity and AI

Shinesa Cambric discusses the critical aspects of cloud auditing, emphasizing the importance of collaboration between developers, risk management, and compliance teams.

She explores the basics of cloud auditing, the significance of governance and documentation, and the impact of identity management on cloud security.

The discussion also highlights the integration of financial operations (FinOps) with cloud auditing and the future trends in cloud auditing, particularly concerning AI.

LINKS

➰⁠https://www.bluedragonpodcast.com⁠⁠

➰https://www.linkedin.com/in/shinesa-cambric

➰https://bit.ly/CloudAuditingBestPractices

CHAPTERS

(00:00:00) INTRO

(00:00:37) Introduction to Shinesa Cambric and Her Journey

(00:03:43) The Importance of Cloud Auditing

(00:06:35) Understanding Cloud Auditing

(00:09:36) The Role of Cloud Providers in Auditing

(00:12:44) Automation in Cloud Auditing

(00:15:26) Training and Awareness in Cloud Security

(00:16:11) The Importance of Collaboration in Cloud Auditing

(00:19:21) Understanding Cloud Auditing Basics

(00:23:18) Marker 1

(00:23:31) Navigating Cloud Security and Compliance

(00:26:26) The Role of Governance in Cloud Auditing

(00:29:20) The Significance of Documentation and Policies

(00:32:29) The Impact of Identity on Cloud Security

(00:35:28) Integrating FinOps with Cloud Auditing

(00:38:47) Future Trends in Cloud Auditing and AI

Joshua Garverink, co-author of the Azure Integration Guide for Business, discusses journey into the tech industry, his experiences with Azure, and the importance of cloud integration for IT leaders.

The conversation covers various themes including the benefits of moving to Azure, the cultural shifts required for cloud adoption, architectural considerations for cloud migration, the significance of network design, and the financial implications of cloud services through FinOps.

In this conversation, Jetro and Josh discuss the critical aspects of cloud operations, focusing on Cloud FinOps, automation, cybersecurity, and the Azure ecosystem.

They emphasize the importance of investing in skills for IT operations, the role of automation in enhancing security, and best practices for OLTP systems in Azure.

The discussion also covers the significance of governance and security in cloud operations, the reality of serverless computing, and the future of Azure with technological innovations.

LINKS

➰⁠⁠https://www.bluedragonpodcast.com⁠⁠

➰⁠⁠⁠https://www.linktr.ee/jgarverick

➰⁠⁠⁠https://bit.ly/AzureGuideBusiness

CHAPTERS

(00:00:00) INTRO

(00:00:42) Introduction to Azure Integration and Author Background

(00:05:33) Unlocking Opportunities with Azure for IT Leaders

(00:10:09) Cultural Shifts in Cloud Adoption

(00:12:04) Architectural Considerations for Cloud Migration

(00:16:39) The Importance of Network Design in Azure

(00:21:50) Understanding Cloud Costs and FinOps

(00:25:12) Understanding Cloud FinOps and Cost Management

(00:25:45) The Importance of Automation in Cloud Operations

(00:30:33) Investing in Skills for IT Operations

(00:31:38) The Role of Automation in Cybersecurity

(00:32:09) Best Practices for OLTP Systems in Azure

(00:35:07) Exploring the Azure Ecosystem for Data Analytics

(00:37:33) Serverless Computing: Hype or Reality?

(00:43:28) Governance and Security in Cloud Operations

(00:45:47) The Future of Azure and Technological Innovations

SUMMARY

Graham Gold, co-author of the Microsoft Cybersecurity Architect Exam, discusses extensive background in IT, the relevance of cybersecurity architecture in cloud environments, and the evolving landscape of cybersecurity practices.

Key topics include the importance of identity management, the challenges of hybrid cloud environments, and strategies for assessing and improving security in cloud applications.

The conversation emphasizes the need for visibility, risk management, and a proactive approach to cybersecurity. Moreover Graham Gold discusses critical aspects of modern security architecture, emphasizing the importance of least privilege, segregation of duties, and the roles of SIEM and SOAR in enhancing security operations.

He highlights the necessity of automation in security processes to keep pace with the rapid changes in cloud environments.

The discussion also covers the state of security awareness in financial services, navigating compliance in the cloud, budgeting for security investments, and the shared responsibility model in cloud security.

Finally, Graham provides insights on preparing for the SC-100 exam and his future endeavors in the field of security.

LINKS

➰⁠⁠⁠https://www.bluedragonpodcast.com⁠⁠⁠

➰https://www.cirriustech.co.uk

➰https://bit.li/SC100_Graham_Gold

CHAPTERS

(00:00:00) INTRO

(00:00:40) Introduction to Cybersecurity Architecture

(00:03:57) Understanding Microsoft Certification Levels

(00:05:52) The Relevance of Cybersecurity in Cloud

(00:08:03) Shifts in Cybersecurity Architecture with Cloud

(00:11:11) Identity as the New Perimeter

(00:15:59) Challenges in Hybrid Cloud Environments

(00:20:05) Making Sense of Data in the Cloud

(00:24:57) Assessing Security in Cloud Environments

(00:31:36) Implementing Defense in Depth Strategies

(00:33:10) Understanding Least Privilege and Segregation of Duties

(00:33:38) The Role of SIEM and SOAR in Security Architecture

(00:36:01) Automation in Security Operations

(00:38:36) The State of Security Awareness in Financial Services

(00:40:39) Navigating Compliance in the Cloud

(00:43:22) Budgeting for Security: Prioritizing Investments

(00:50:38) The Shared Responsibility Model in Cloud Security

(00:53:35) Preparing for the SC-100 Exam and Future Insights

SUMMARY

Eyal Estrin discusses his background in cloud security and the importance of adapting to new security challenges in cloud environments.

He emphasizes the shared responsibility model, the critical nature of identity and access management, and the risks associated with neglecting cloud security.

Also he shares insights on budgeting for security investments, balancing agility with security, and common pitfalls organizations face in cloud security.

In this conversation, Eyal Estrin discusses various aspects of cloud security, focusing on identity and access management, data protection strategies, and the importance of knowledge in cybersecurity.

We emphasize the need for organizations to adopt best practices in managing identities, implementing encryption, and preparing for future threats in the cloud landscape.

The discussion also highlights the significance of privileged identity management and the role of training in bridging knowledge gaps among IT professionals.

LINKS

➰⁠⁠⁠https://www.bluedragonpodcast.com⁠⁠⁠

➰https://www.linkedin.com/in/eyalestrin

➰https://x.com/eyalestrin

➰https://www.mastodon.social/@eyalestrin

➰https://www.threads.net/@eyalestrin

➰https://bit.ly/EyalCloudSecurity

CHAPTERS

(00:00:00) INTRO

(00:00:36) Introduction to Cloud Security and Eyal's Background

(00:02:46) Understanding Cloud Security Challenges

(00:04:25) The Importance of Cloud Security Today

(00:06:15) Shared Responsibility Model in Cloud Security

(00:08:18) Key Risks of Neglecting Cloud Security

(00:10:49) Changing Mindsets in Cloud Security

(00:13:04) Layered Security Approach in Cloud

(00:15:23) Budgeting for Cloud Security Investments

(00:18:31) Balancing Agility and Security in Cloud Deployments

(00:26:26) The Cornerstone of Identity and Access Management

(00:28:37) Common Pitfalls in Identity and Access Management

(00:29:57) Enhancing Identity and Access Management

(00:31:00) Break-Glass Scenarios in Production Environments

(00:32:48) Privileged Identity Management (PIM) Insights

(00:34:46) Data Protection and Encryption Strategies

(00:39:10) Future Threat Landscape in Cloud Security

(00:43:09) Bridging the Knowledge Gap in Cybersecurity

(00:45:29) Final Thoughts on Cloud Security Best Practices

In this episode of the Blue Dragon podcast, Krishna Chaitanya Rao Kathala, author of 'Privacy in the Age of Innovation' discusses the importance of privacy in the context of AI, the role of Privacy Enhancing Technologies (PETs), and how organizations can implement these technologies to ensure compliance with regulations like GDPR.

Krishna explains various techniques such as differential privacy, federated learning, and homomorphic encryption, and emphasizes the need for a structured approach to data governance and security in AI applications.

LINKS

➰⁠⁠⁠https://www.bluedragonpodcast.com⁠⁠⁠

➰https://dub.sh/YengVh6

➰https://www.linkedin.com/in/krishnachaitanyarao

➰email: [email protected]

CHAPTERS

(06:11) The Rise of AI and Privacy Concerns

(09:00) Key Techniques of Privacy Enhancing Technologies

(12:00) Implementing PETs in AI Lifecycle

(18:01) Choosing the Right PET for Your Organization

(24:50) Building Secure AI Solutions

(29:49) Best Practices for Cloud Security in AI

(34:50) Measuring Effectiveness of PETs

(45:02) Conclusion and Future Directions