Compyl Security Sessions

Hosted by Daniel Tangney

Technology NewsInterviews guests

Website RSS feed

Episodes

Latest episode

Jul 2024

Language

EN-US

About the show

"Security Sessions by Compyl" is your go-to podcast for insightful discussions with prominent Governance, Risk Management, and Compliance (GRC) community leaders. Tune in as we dive into emerging, trending, and future topics, providing invaluable educational insights for our viewers. Join us on this journey to explore the ever-evolving landscape of security, compliance, and risk management with the experts who are shaping its future.

Listen to episodes

22 recent

July 9, 202419 min

Compyl Security Sessions S2E4 - Developing Quantifiable Metrics for Security Programs

Organizations today face the critical challenge of implementing robust security measures and effectively measuring their impact. As we move into 2024, this challenge becomes increasingly complex, with heightened scrutiny from boards and regulatory bodies demanding clearer insights into an organization's security posture. The need for quantifiable metrics in information security programs is paramount to safeguarding against threats and securing necessary funding and support from decision-makers. The core of this issue lies in developing and implementing metrics that accurately reflect the effectiveness and efficiency of security initiatives. These metrics must be carefully aligned with the organization's specific security goals and overall business objectives. They serve a dual purpose: firstly, as a tool for internal assessment and continuous improvement of the security program, and secondly, to communicate the program's value and needs to non-technical stakeholders, including executive boards and investors.

May 14, 202426 min

Compyl Security Sessions S2E3 - Transforming Employee Behavior in the Digital Age

Welcome to Security Sessions Podcast, Season 2, Episode #3: "Transforming Employee Behavior in the Digital Age" The significance of security awareness training cannot be overstated. As technology advances and cyber threats become increasingly sophisticated, the human element remains a vital asset and a significant vulnerability within any organization's security posture. This panel discussion aims to dive into the multifaceted world of security awareness training, exploring its critical role in fortifying organizations against daily cyber threats. Our esteemed panelists come with a wealth of experience in information security, having spearheaded numerous initiatives to enhance the security literacy of employees across various sectors. This discussion will not only shed light on the best practices and innovative approaches to security awareness training. Still, it will also take a holistic view of information security, acknowledging its current challenges, future trends, and the indispensable role of human vigilance in safeguarding digital assets. As we navigate through these topics, our goal is to uncover insights that will not only inform but also inspire organizations to adopt a more proactive and comprehensive approach to information security, recognizing that a well-informed and security-conscious workforce is their best defense against the ever-present threat of cyberattacks.

May 14, 202428 min

Compyl Security Sessions S2E2 - New Technology Impacts Compliance Standard

Welcome to Security Sessions Podcast, Season 2 Episode #2: "New Technology Impacts Compliance Standard In today's rapidly evolving digital landscape, where technological advancements are constant and cyber threats are becoming more complex, the convergence of cybersecurity and compliance is paramount. This episode of Security Sessions, "New Technology Impacts Compliance Standards," is designed to explore this critical junction, focusing on the transformative effects that new technologies have on cybersecurity threats and compliance standards. We are proud to host a panel discussion that promises to offer deep insights into the current and future state of cybersecurity and compliance. The discussion will cover a broad spectrum of pertinent topics: The Emerging Cybersecurity Threats An exploration of the latest cybersecurity challenges and the implications for organizations across various sectors. Evolution of Compliance Standards An in-depth look at the evolving nature of compliance standards such as SOC, PCI DSS, HIPAA, HITRUST CSF, and ISO 27001/27002, and how organizations can stay ahead. Impact of Technological Innovations A critical analysis of how AI, ML, blockchain, and other technological innovations are reshaping the future of cybersecurity and compliance. Attendees will gain invaluable insights into how to effectively navigate and adapt to the emerging trends in cybersecurity and compliance. This webinar is a must-listen for security professionals eager to understand the challenges and opportunities of new cybersecurity threats and the evolving landscape of compliance standards. Join us for a session that aims to arm you with the knowledge and strategies needed to navigate the complexities of today's cybersecurity and compliance standards, ensuring your organization remains resilient and ahead of the curve.

January 26, 202431 min

Compyl Security Sessions S2E1 - Will 2024 be the Turning Point for Industry Cybersecurity

In this Season 2 kickoff episode of Security Sessions, we jump into the crucial question that's on everyone's mind as we step into 2024: Will this year be the watershed moment for cybersecurity across all industries? Join us as we explore the evolution from reactive measures to a proactive and resilient cybersecurity stance. Key Topics: 1. The Evolution of Cybersecurity: Understand the journey from reactive strategies to proactive solutions in the cybersecurity realm.The 2024 2. Cybersecurity Landscape: Analyze the current trends and predictions for this crucial year. 3. Resilience and Continuity: Learn why robust cybersecurity is now a fundamental aspect of business continuity. 4. Global Impact: Explore how cybersecurity is not just about protecting individual organizations but safeguarding our interconnected digital world. Expert Insights: In this episode, we are joined by renowned cybersecurity experts, including Stas Bojoukha, CEO and Founder of Compyl, William Klusovsky, Cybersecurity Executive Leader at Stratascale, and Geoff Hancock, CISO from Access Point Technology. They will share their insights on what 2024 holds for cybersecurity and why this year could be the turning point we've all been waiting for. Why Listen to This Episode? Gain a comprehensive understanding of why a proactive cybersecurity approach is vital in 2024. Discover the latest tools and strategies that organizations are adopting to ensure robust digital defense. Learn about the global implications of cybersecurity on business and society. Disclaimer: This podcast does not necessarily represent the opinions of Compyl employees and their guests on the show. The content provided is for informational purposes only, Views and opinions expressed in the video webinar series, podcasts, and website are our own and do not represent that of our places of work. While we make every effort to ensure that the information we are sharing is accurate, we welcome any comments, suggestions, or correction of errors.

November 3, 202343 min

Compyl Security Sessions E18 - Navigating Modern Security Challenges

The intersection of information security and organizational success is evident and essential. On this episode of Security Sessions, we delve into the complexities and challenges surrounding this intersection, aiming to provide a platform where experiences, ideas, and solutions can be exchanged. The following topics are explored in depth: Perception of Information Security The discussion kicks off by probing why many organizations still view information security as a concern confined to IT departments, overlooking its implications across all facets of a business. Organizational Culture and Security The podcast then explores how an organization's culture and values can influence the perception and execution of information security practices. Challenges of Limited Resources A focus is placed on understanding if limited resources, such as time, budget, and expertise, are major contributors to struggles in managing information security and compliance. Strategies on how organizations can prioritize security despite these constraints are also discussed. Staying Updated on Cyber Threats The conversation shifts to how organizations can keep abreast of the ever-evolving cyber threats and ensure that their employees are well-educated about the latest risks. Compliance vs. Security The podcast addresses the misconception that compliance with certain standards or regulations equates to complete security and discusses ways to rectify this gap. Employee Training and Engagement Emphasizing the crucial role of regular employee training in preventing security breaches, the discussion explores effective ways to keep employees engaged in the security conversation. Navigating Security Tools The dialogue delves into whether organizations experience analysis paralysis due to the myriad of security tools available and discusses strategies to select and implement tools tailored to unique needs without overwhelming teams. Measuring Security Effectiveness The discussion identifies key metrics or indicators organizations should focus on to assess the efficacy of their information security strategies. Demystifying Security The podcast explores steps that organizations can take to make security concepts approachable and ensure that even non-technical staff members are vigilant and informed. Evolving Security Mindsets Lastly, considering the pervasive integration of technology in every business aspect, the discussion evaluates how organizations should evolve their security mindset to stay secure and prepared for future challenges. By dissecting these critical questions, “Security Sessions” aims to illuminate the multifaceted challenges and opportunities in information security, providing listeners with valuable insights and actionable strategies.

November 3, 202338 min

Choosing the Right Security Journey for Your Organization

In the age of digital transformation, where almost every facet of our lives is intertwined with technology, securing data and digital assets has become paramount. The security journey of an organization isn't merely a checklist; it's a continuous process that evolves with emerging threats and changing landscapes. As organizations embark on this journey, they must prioritize and methodically approach their security needs to shield themselves from potential harm. On today's episode of Compyl Security Sessions, we will demystify the intricate path of an organization's security journey. With the ever-growing spectrum of threats, it's no longer just about preventing cyberattacks or safeguarding against data breaches. It's about creating a resilient, proactive, and adaptive security posture. Why is the security journey so significant? A lapse in security can not only result in financial losses but also damage an organization's reputation, erode trust, and have long-term repercussions. It's not just about the immediate aftermath but about the ongoing repercussions in a world that values trust and reliability. Selecting the right security framework is a pivotal step in this journey. While there are numerous frameworks available, each tailored for different needs, choosing the right one can make all the difference. The benefits are manifold: Standardization A good security framework provides a consistent approach to address and manage cybersecurity risks. Clarity It provides a clear roadmap for the organization, detailing steps and processes to achieve desired security outcomes. Efficiency With a clear framework, organizations can allocate resources more efficiently, ensuring maximum security with optimal resource utilization. But, with so many options at hand, how can an organization make the right choice? Here are some guiding factors: Understand Your Needs Recognize the unique needs of your organization. A financial institution's requirements will differ from that of a healthcare provider. Scalability Ensure the framework is scalable. As your organization grows, so will your security needs. Compliance Some industries have specific regulatory requirements. Ensure the framework aligns with these mandates. Community and Support Opt for a framework that has an active community and support system. This ensures you remain updated with the latest trends and threats. As we delve deeper into this topic, our experts will share their insights, experiences, and recommendations. The goal? To arm you with the knowledge and understanding required to navigate your organization's security journey with confidence. Your security posture is only as strong as the framework supporting it, so let's embark on this journey together and pave the way for a more secure future. Speakers: William Klusovsky, Cybersecurity Executive Stas Bojoukha, CEO and Founder of Compyl Ron Sharon, Vice President Information Security

October 11, 202315 min

Compyl Security Sessions E2 - Establish Proper Organizational Risk Management Strategies

Compyl CEO and Founder Stas Bojoukha shed light on the many ways to think about implementing a proper risk management strategy across an organization. Learn some common mistakes to avoid and the ways to improve your current risk management program.

October 11, 202326 min

Compyl Security Sessions E1 - All SOC 2 Reports Aren't Created Equal

Compyl CEO and Founder Stas Bojoukha and Co-Founder Simon Shaddock discuss why a SOC 2 is so important today. Learn what to pay attention to and what to avoid as an organization begins thinking about a SOC 2 accreditation.

October 11, 202345 min

Compyl Security Sessions E16 - Why Mental Health Needs to be Prioritized for Security Teams

The role of security professionals and mental health relating to safeguarding organizations against cyber threats has never been more crucial. These unsung heroes work tirelessly behind the scenes, combating cybercriminals, protecting sensitive data, and ensuring the digital fortresses of their organizations remain impenetrable. However, the armor these professionals wear isn't just physical; it's also mental. The importance of organizations prioritizing the mental health of their employees, particularly security professionals who operate in high-stress environments, cannot be overstated. The digital realm is a battlefield where the adversaries are relentless, the stakes are high, and the pressure is unrelenting. In such an environment, fostering mental well-being isn't just a moral obligation; it's a strategic imperative.

October 11, 202340 min

Compyl Security Sessions E15 - Cybersecurity Vulnerabilities for Agile SMBs on the Rise

Cybersecurity Vulnerabilities are on the rise for Small to medium-sized businesses (SMBs). These vulnerabilities can impact their operations, finances, and reputation. Here is an overview of some common cybersecurity vulnerabilities SMBs face: - Limited Resources - Cybersecurity Threats - Lack of IT Expertise - Outdated Technology - Third-Party Risks - Compliance Challenges - Employee Training - Physical Security - Financial Vulnerabilities - Supply Chain Risks - Regulatory Changes To mitigate these vulnerabilities, SMBs should prioritize cybersecurity, invest in employee training, conduct regular risk assessments, establish incident response plans, and stay informed about industry-specific regulations and emerging threats. Collaborating with cybersecurity experts and adopting a proactive approach to security can help SMBs protect their assets and maintain their competitiveness in a dynamic business environment.