Sign up to save your podcasts
Or
Share Cybersecurity Maturity: What Associations Need to Know
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Cybersecurity Maturity: What Associations Need to Know
In this episode of Reboot IT, host Dave Coriale sits down with Ben Muscolino, CEO of Breezio, Data Sangria, and co-founder at Vortacity, and Ryan O'Donnell, CTO at Vortacity, to demystify cybersecurity for associations and nonprofits. They explore the evolving threat landscape, the importance of proactive security measures, and how organizations can build a culture of cybersecurity without fear or shame. From phishing-resistant MFA to red team engagements, this conversation is packed with practical advice for leaders and IT professionals alike.
Themes and Topics:
Cybersecurity Culture and Leadership
- Cybersecurity must be embraced across the organization, not just by IT.
- Leaders should foster a “shameless and blameless” environment for open dialogue.
- Culture impacts how teams respond to threats and education efforts.
Phishing and Account Takeover Risks
- Phishing remains the most common entry point for breaches.
- Attackers often dwell silently before exploiting access.
- Social engineering tactics are becoming more sophisticated.
Cybersecurity Maturity
- Organizations should progress from asset inventory to vulnerability scans, pen tests, and red team engagements.
- Skipping foundational steps can lead to ineffective or costly security efforts.
- Tailoring assessments to organizational needs is key.
Penetration Testing and Red Teaming
- Pen tests simulate real-world attacks to expose vulnerabilities.
- Red team engagements test people, processes, and systems under stealth conditions.
- Trusted agents within the organization coordinate red team efforts discreetly.
Deception Technology and Canary Tokens
- Canary tokens act as tripwires to detect post-compromise behavior.
- These tools are low-cost and high-impact for early breach detection.
- Ideal for organizations with limited cybersecurity resources.
Budgeting and Advocacy for Cybersecurity
- Cybersecurity is often the first to be cut during budget reviews.
- IT leaders must communicate risk in terms of cost and organizational responsibility.
- Starting small is better than doing nothing—get from zero to one.
View all episodes
By Dave Coriale, CAE
5
1515 ratings
In this episode of Reboot IT, host Dave Coriale sits down with Ben Muscolino, CEO of Breezio, Data Sangria, and co-founder at Vortacity, and Ryan O'Donnell, CTO at Vortacity, to demystify cybersecurity for associations and nonprofits. They explore the evolving threat landscape, the importance of proactive security measures, and how organizations can build a culture of cybersecurity without fear or shame. From phishing-resistant MFA to red team engagements, this conversation is packed with practical advice for leaders and IT professionals alike.
Themes and Topics:
Cybersecurity Culture and Leadership
- Cybersecurity must be embraced across the organization, not just by IT.
- Leaders should foster a “shameless and blameless” environment for open dialogue.
- Culture impacts how teams respond to threats and education efforts.
Phishing and Account Takeover Risks
- Phishing remains the most common entry point for breaches.
- Attackers often dwell silently before exploiting access.
- Social engineering tactics are becoming more sophisticated.
Cybersecurity Maturity
- Organizations should progress from asset inventory to vulnerability scans, pen tests, and red team engagements.
- Skipping foundational steps can lead to ineffective or costly security efforts.
- Tailoring assessments to organizational needs is key.
Penetration Testing and Red Teaming
- Pen tests simulate real-world attacks to expose vulnerabilities.
- Red team engagements test people, processes, and systems under stealth conditions.
- Trusted agents within the organization coordinate red team efforts discreetly.
Deception Technology and Canary Tokens
- Canary tokens act as tripwires to detect post-compromise behavior.
- These tools are low-cost and high-impact for early breach detection.
- Ideal for organizations with limited cybersecurity resources.
Budgeting and Advocacy for Cybersecurity
- Cybersecurity is often the first to be cut during budget reviews.
- IT leaders must communicate risk in terms of cost and organizational responsibility.
- Starting small is better than doing nothing—get from zero to one.
More shows like Reboot IT - Nonprofit and Association Technology Conversations for All
View all
Build a Better Agency Podcast
286 Listeners
Pod Save America
87,394 Listeners
The Daily
112,484 Listeners
Associations Thrive
37 Listeners