Sign up to save your podcasts
Or
Share Navigating NIST CSF 2.0: Guide to Frameworks and Governance
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Navigating NIST CSF 2.0: Guide to Frameworks and Governance
In this episode, we sat down with Lukasz Gogolkiewicz, an Australia-based Cybersecurity Leader and former pentester, to explore his journey from offensive security into cybersecurity leadership. Lukasz, also a speaker coach at BlackHat USA, brings valuable insights into what it takes to shift from being technical to managing compliance, governance, and broader security programs in industries like retail and advertising.
Throughout the conversation, we dive into the specific challenges of transitioning from a purely cloud-based tech company to a bricks-and-mortar retail operation, highlighting how the threat models differ dramatically between these environments. Lukasz shares his unique perspective on cybersecurity frameworks like NIST CSF 2.0, essential for building resilient programs, and offers practical advice for selecting the right framework based on your organization's needs.
Guest Socials: Lukasz's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(03:00) A bit about Lukasz
(04:32) Security Challenges for Tech First advertising company
(05:16) Security Challenges for Retail Industry
(06:00) Difference between the two industries
(07:01) Best way to build Cybersecurity Program
(09:44) NIST CSF 2.0
(13:02) Why go with a framework?
(16:26) Which framework to start with for your cybersecurity program?
(18:33) Technical CISO vs Non Technical CISO
(25:37) The Fun Section
Resources spoken about during the interview:
NIST CSF 2.0
CIS Benchmark
ASD Essential Eight
Mapping between the frameworks
https://www.cisecurity.org/insights/white-papers/cis-controls-v8-mapping-to-nist-csf-2-0
https://www.cisecurity.org/insights/white-papers/cis-controls-v8-mapping-to-asds-essential-eight
Verizon Data Breach Investigations Report (DBIR)
Lukasz Woodwork Channel
BSides Melbourne
View all episodes
By Cloud Security Podcast Team
5
5454 ratings
In this episode, we sat down with Lukasz Gogolkiewicz, an Australia-based Cybersecurity Leader and former pentester, to explore his journey from offensive security into cybersecurity leadership. Lukasz, also a speaker coach at BlackHat USA, brings valuable insights into what it takes to shift from being technical to managing compliance, governance, and broader security programs in industries like retail and advertising.
Throughout the conversation, we dive into the specific challenges of transitioning from a purely cloud-based tech company to a bricks-and-mortar retail operation, highlighting how the threat models differ dramatically between these environments. Lukasz shares his unique perspective on cybersecurity frameworks like NIST CSF 2.0, essential for building resilient programs, and offers practical advice for selecting the right framework based on your organization's needs.
Guest Socials: Lukasz's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(03:00) A bit about Lukasz
(04:32) Security Challenges for Tech First advertising company
(05:16) Security Challenges for Retail Industry
(06:00) Difference between the two industries
(07:01) Best way to build Cybersecurity Program
(09:44) NIST CSF 2.0
(13:02) Why go with a framework?
(16:26) Which framework to start with for your cybersecurity program?
(18:33) Technical CISO vs Non Technical CISO
(25:37) The Fun Section
Resources spoken about during the interview:
NIST CSF 2.0
CIS Benchmark
ASD Essential Eight
Mapping between the frameworks
https://www.cisecurity.org/insights/white-papers/cis-controls-v8-mapping-to-nist-csf-2-0
https://www.cisecurity.org/insights/white-papers/cis-controls-v8-mapping-to-asds-essential-eight
Verizon Data Breach Investigations Report (DBIR)
Lukasz Woodwork Channel
BSides Melbourne
More shows like Cloud Security Podcast
View all
Risky Business
361 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
629 Listeners
The Cloudcast
153 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
368 Listeners
CyberWire Daily
1,011 Listeners
AWS Podcast
201 Listeners
Smashing Security
313 Listeners
Malicious Life
925 Listeners
Darknet Diaries
7,821 Listeners
Cybersecurity Today
164 Listeners
CISO Series Podcast
188 Listeners
Hacking Humans
310 Listeners
Defense in Depth
78 Listeners
Cyber Security Headlines
119 Listeners
Risky Bulletin
33 Listeners