scottlyons

Utilizing quantitative (vs qualitative) metrics in a security program is the first step in maturing it from a technical novelty to something a business can align with and see value from. Understanding where security fits into risk management.

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode12

It was once said that if Security and Compliance were in a relationship the status would be "It's Complicated". This discussion will aim to help you understand this relationship and how it can be beneficial or a mere distraction to an organization's overall security posture. - Define "Secure" and "Compliant". - Does compliance merely raise awareness about security shortcomings? - What is the relationship between Security and Compliance? - Being Secure and being Compliant are mere points in time, how can we best develop a process to ensure we are always striving to a secure and compliant state? - How does Security impact and/or influence Compliance? - How does Compliance impact and/or influence Security? - How do you balance these extremes: "We will be Secure and ignore compliance" vs. "We will be compliant but ignore security"

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/PSWEpisode632

Steve Levinsonis the Vice President - Risk, Security & Privacy at Online Business Systems. Steve’s strong technical and client management skills combined with his holistic approach to risk management resonates with clients and employees alike. To learn more about Online Business Systems, visit: https://securityweekly.com/online

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode11

Steve Levinsonis the Vice President - Risk, Security & Privacy at Online Business Systems. Steve’s strong technical and client management skills combined with his holistic approach to risk management resonates with clients and employees alike.

To learn more about Online Business Systems, visit: https://securityweekly.com/online

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode11

Equifax nears 'historic' data breach settlement that could cost up to $3.5B, Maryland Again Amends its Data Breach Notification Law, Hidden Complexity is Biggest Threat to Compliance , Data Security Remains Top IT Concern for Small Businesses and Others, A Compliance Carol: A visit from the Ghost of Compliance Past, and more!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode10

Laura Jones is the author of a children’s book titled Cyber Ky & Tekkie Guy Manage the Risk of Being Online. She focuses on children being as 'appropriately informed' as they are comfortable with using technology. Her book introduces real terms, definitions and careers to young people. Laura joins Jeff and Scott to discuss Orienting Younger Children to Cyber and Tech!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode10

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains, Sentara Hospitals to pay $2.2M HIPAA settlement for undisclosed data breaches, Privacy Regs Changing the Face of Cybersecurity, TrueDialog Leaks 600GB of Personal Data, Affecting Millions, CFTC Fines Goldman Sachs $1 Million for Failing to Record Calls Global Cops Shut 31,000 Domains in IP Crackdown, and more! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode9

Mathieu Gorge is the CEO at Vigitrust. The approach that business leaders need to take in developing payment risk strategies, linking, PCI, ISO, GDPR, CCPA, SCA.

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode9

Russell and Jim will discuss security and compliance specifically for small businesses where they have been involved with audit and compliance including NIST 800-171, 800-53 (FISMA) and SOC, and how to achieve decent security and meet compliance requirements with limited staff and resources.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode8

Russell and Jim will discuss security and compliance specifically for small businesses where they have been involved with audit and compliance including NIST 800-171, 800-53 (FISMA) and SOC, and how to achieve decent security and meet compliance requirements with limited staff and resources.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode8

Verizon finds payment security declines for 2nd consecutive year, Is My PCI Compliance Good Enough to Serve as a Network Cybersecurity Audit?, Getting Prepared for New York’s Expanded Security Breach and Data Security Requirements, Virginia Builds New Model for Quantifying Cybersecurity Risk, Five Cyber Program Elements Financial Services Firms Must Cover To Stay Compliant, and more!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/SCWEpisode7

On SCW this week, we talk about the 2019 Verizon Payment Security Report. We discuss Why is PCI Compliance Decreasing?, why is it decreasing?, what's missing?, and what needs to change?

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode7

Payment Security Compliance Declines - 1 in 3 Companies Make the Grade, RMC Agrees to $3M HIPAA Settlement Over Mobile Device Encryption, How Emerging Technologies Are Disrupting the Banking Compliance Landscape, and much more!

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode6

They answer questions like what is a security program and what is a compliance program?, Aren't they the same thing?, What are some differences?, Where do they overlap or how should they work together?, Do they compete for the same budget?, and more!

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode6

Ron Ross is a Fellow at the National Institute of Standards and Technology. His focus areas include cybersecurity, systems security engineering, and risk management. Dr. Ross leads the Federal Information Security Modernization Act (FISMA) Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical infrastructure.

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode4

What does your business need to know about the California Consumer Privacy Act (CCPA)?, California AG: No CCPA Safe Harbor for GDPR Compliance, Canada data breach tally soars since new privacy laws arrived, Marijuana Compliance and the quandary for brokers and dealers, and much more!

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode5

Ron Ross is a Fellow at the National Institute of Standards and Technology. His focus areas include cybersecurity, systems security engineering, and risk management. Dr. Ross leads the Federal Information Security Modernization Act (FISMA) Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical infrastructure.

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode4

Josh Marpet and Scott Lyons perform interviews at 2019 NACD Blue Ribbon Commission Initiative.

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode3

New York’s Breach Law Amendments and New Security Requirements, Cybersecurity, The C-Suite, & The Boardroom: The Rising Specter Of Director & Officer Liability, Kaiser says data breach exposed information on nearly 1,000 Sacramento-area patients, Companies Still Not Prepared to Comply with GDPR and Potential EU Data Breaches, The Human Factor of Cyber Security, and much more!

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode2

Jeff Man, Scott Lyons, Josh Marpet, and Matt Alderman talk about PCI and how it affects the state of the union.

Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SCWEpisode1