In episode 111 of Cybersecurity Where You Are, Tony Sager is joined by Rick Howard, N2K Chief Security Officer and the Chief Analyst and Senior Fellow at The Cyberwire. Together, they discuss a first principle of cybersecurity proposed by Rick in his book, Cybersecurity First Principles: A Reboot of Strategy and Tactics.

Here are some highlights from our episode:

• 04:30. What drove the need to formulate a foundational cybersecurity assumption
• 07:44. How other "first" principles of cybersecurity have failed
• 14:13. The three elements of Rick's first principle of cybersecurity
• 25:55. How to derive action and improvements from Rick's first principle
• 40:34. Tips on getting started with a risk forecasting strategy

Resources

• Episode 105: Context in Cyber Risk Quantification
• FAIR: A Framework for Revolutionizing Your Risk Analysis
• Election Security Spotlight – CIA Triad
• Episode 44: A Zero Trust Framework Knows No End
• Executive Order on Improving the Nation’s Cybersecurity
• Cybersecurity Canon
• Superforecasting: The Art and Science of Prediction
• How to Measure Anything in Cybersecurity Risk

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].