Content provided by SecurityStudio. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by SecurityStudio or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://nl.player.fm/legal.

CvCISO Podcast Episode 32: Navigating the Assessment Landscape Pt 2

54:10
 
Summary
In this episode of the CvCISO Podcast, the hosts continue their assessment discussion, focusing on the roles of CEO, CFO, and VC. They explore the importance of separation of duties, risk management, and the impact of experience on wisdom. The conversation transitions into the assessment process, covering topics such as screening and background checks, security policies, employee monitoring, and training for privileged users. The hosts emphasize the need for awareness training and the significance of having a structured approach to security in small businesses. In this conversation, the speakers delve into various aspects of information security, focusing on the definitions and roles of privileged users, the importance of post-employment processes, and the management of assets and inventories. They discuss the need for formal information classification guidelines and the handling of removable media. The conversation also touches on the disposal of media, the inventory of cloud services, and the relationship between compliance and risk management, emphasizing the importance of foundational security practices over compliance minutiae.
Takeaways
  • Separation of duties is crucial in risk management.
  • Experience with pain can lead to wisdom.
  • High turnover necessitates thorough background checks.
  • Employee training should include security awareness.
  • Privileged users require specialized training.
  • Monitoring employees can help detect cybersecurity events.
  • Transparency is key during technical difficulties.
  • Assessments can reveal gaps in security practices.
  • Risk acceptance is a legitimate strategy.
  • Regular reviews of security policies are essential.
  • All admins are considered privileged users.
  • It's essential to define what constitutes a privileged user in an organization.
  • A solid onboarding and offboarding process is crucial for security.
  • Asset management includes both physical devices and software.
  • Information classification should be formalized to enhance security.
  • Removable media poses unique risks that need to be managed.
  • Media disposal processes should be clearly defined and followed.
  • Organizations often lack a complete inventory of cloud services.
  • Compliance requirements can influence how assessments are conducted.
  • It's important to focus on foundational security practices rather than compliance minutiae.

34 episodes
