State of Security, by Access Point Consulting, brings together seasoned experts in the fields of security consulting, regulatory compliance, and security operations. Whether you’re a business leader, IT professional, or security enthusiast, this podcast offers valuable insights and actionable advice. Learn more at accesspointconsulting.com .
Listen to episodes
28 recent
December 4, 202439 min
SOS16 - Anthony Rivera (Access Point Consulting) | CIOs and CISOs on Balancing Innovation and Security
State of Security, by Access Point Consulting, brings together seasoned experts in the fields of security consulting, regulatory compliance, and security operations. Whether you’re a business leader, IT professional, or security enthusiast, this podcast offers valuable insights and actionable advice.
--------------------
Assess, design, and implement your cybersecurity strategy.
Learn more at www.accesspointconsulting.com.
Note: This episode was recorded on October 31, 2024.
November 21, 202439 min
SOS15 - Robert Fernandes (The Investment Center) | Building a Security-First Workforce
State of Security, by Access Point Consulting, brings together seasoned experts in the fields of security consulting, regulatory compliance, and security operations. Whether you’re a business leader, IT professional, or security enthusiast, this podcast offers valuable insights and actionable advice.
--------------------
Assess, design, and implement your cybersecurity strategy.
Learn more at www.accesspointconsulting.com.
November 14, 202425 min
SOS14 - Essentials of Vulnerability and Patch Management (with Katrina Xander)
State of Security, by Access Point Consulting, brings together seasoned experts in the fields of security consulting, regulatory compliance, and security operations. Whether you’re a business leader, IT professional, or security enthusiast, this podcast offers valuable insights and actionable advice.
--------------------
Assess, design, and implement your cybersecurity strategy.
Learn more at www.accesspointconsulting.com.
October 30, 202436 min
SOS13 - Ransomware and Resilience: Preparing for the Inevitable
State of Security, by Access Point Consulting, brings together seasoned experts in the fields of security consulting, regulatory compliance, and security operations. Whether you’re a business leader, IT professional, or security enthusiast, this podcast offers valuable insights and actionable advice.
--------------------
Assess, design, and implement your cybersecurity strategy.
Learn more at www.accesspointconsulting.com.
October 3, 202431 min
SOS12 - The Psychology of Phishing (with Clayton Smith)
State of Security, by Access Point Consulting, brings together seasoned experts in the fields of security consulting, regulatory compliance, and security operations. Whether you’re a business leader, IT professional, or security enthusiast, this podcast offers valuable insights and actionable advice.--------------------Assess, design, and implement your cybersecurity strategy.Learn more at www.accesspointconsulting.com.
September 26, 202445 min
SOS11 - Addressing Supply Chain Threats: It's a Kevin Bacon Problem (with Chris Poulin & Mike Caruso)
State of Security, by Access Point Consulting, brings together seasoned experts in the fields of security consulting, regulatory compliance, and security operations. Whether you’re a business leader, IT professional, or security enthusiast, this podcast offers valuable insights and actionable advice.--------------------Assess, design, and implement your cybersecurity strategy.Learn more at www.accesspointconsulting.com.
July 16, 202425 min
SOS10 - Understanding and Managing Supply Chain Risk (with Michael Caruso)
TakeawaysIdentify and assess the risks associated with third-party vendors and suppliersBuild strong relationships with critical vendors and continuously monitor their security postureUnderstand the risks associated with the third parties used by your own third partiesUse tools like BitSight and UpGuard for scanning and monitoring vulnerabilitiesHave management support, clear roles and responsibilities, and a focus on security postureChapters00:00 Introduction and the Importance of Identifying Third Parties03:02 Defining Supply Chain Risk Management09:44 The Risks of Shadow IT Vendors13:28 Building Relationships with Critical Vendors17:18 The Challenges of Fourth-Party Risk Management20:09 Tools for Scanning and Monitoring Vulnerabilities23:03 Key Recommendations for CISOs and CIOs
May 23, 202430 min
SOS9 - Applications for Cyber Threat Intelligence in SMBs (with Evie Manning & Michael Rush)
SummaryIn this episode of State of Security, Geoff Hancock discusses cyber threat intelligence with guests Mike Rush and Evie Manning. They define cyber threat intelligence as data that is collected, processed, and analyzed to understand threat actors, their motives, targets, and behaviors. They emphasize the importance of making intelligence actionable and highlight the different levels of threat intelligence, from strategic trends to tactical actions. The guests also discuss the impact of cyber intelligence on supply chain security and how it can be used to proactively protect businesses. They stress the need for collaboration and communication between different cybersecurity disciplines and the importance of relevant and contextual data in cyber intelligence.TakeawaysCyber intelligence is data that is collected, processed, and analyzed to understand threat actors, their motives, targets, and behaviors.Making intelligence actionable is key, as it allows organizations to make informed decisions and take proactive measures to resolve issues and prevent future attacks.Cyber threat intelligence encompasses a broad range of information, from strategic trends to tactical actions, and helps organizations identify relevant threats and prioritize their security efforts.Cyber intelligence plays a crucial role in supply chain security, as it helps organizations identify and mitigate risks in their supply chain and protect their customers.Collaboration and communication between different cybersecurity disciplines, such as vulnerability management, incident response, and threat hunting, are essential for effective cyber intelligence.Small and medium businesses can start building their cyber intelligence capabilities by conducting an internal assessment of their assets, risks, and vulnerabilities, and then seeking relevant and contextual data from trusted sources.Chapters00:00 Introduction to Cyber Intelligence04:38 Different Levels of Threat Intelligence07:28 Cyber Intelligence in the Context of Small and Medium Businesses10:43 The Importance of Supply Chain Security26:52 Building Cyber Intelligence Capabilities for Small and Medium Businesses
May 16, 202436 min
SOS8 - Building a Resilient GRC Program (with Rick Leib & Susan Woyton)
SummaryThis episode focuses on governance, risk, and compliance (GRC) and how organizations can strengthen their GRC programs.Key recommendations include:Ensure executive buy-in and support for GRC initiatives.Review and update policies, procedures, and documentation regularly.Implement continuous monitoring and improvement of GRC processes.Incorporate GRC elements into contracts with third parties.Conduct regular internal and third-party risk assessments.Provide security awareness training to employees.Consider the impact of AI on GRC, but maintain a human element in the process.Chapters00:00 Introduction03:21 The Importance of Resilient GRC08:33 Challenges and Failures in GRC25:58 Executive Buy-In and Documentation30:38 Continuous Monitoring and Improvement35:24 Strengthening GRC Programs
May 9, 202447 min
SOS7 - [LIVE] How to Be Proactive About Operational Resilience and Incident Response (with Rick Leib & Jeff Ulanet)
SummaryDuring HIMSS24 in Orlando, Access Point highlighted the importance of operational resilience and incident response in healthcare. Led by Geoff Hancock, the session addressed the increase in data breaches and the need for proactive cyber resilience. Panelists emphasized the shift to proactive cybersecurity, the role of AI and machine learning, key elements of an incident response plan, and collaboration between teams. Executives were noted for their oversight during breaches, and the evolving role of the C-suite in prioritizing cyber resilience was emphasized. Effective communication to the C-suite and board of directors, along with balancing innovation with privacy and compliance, were also discussed.TakeawaysOperational resilience and incident response are crucial in the healthcare industry due to the increasing number of data breaches.A proactive approach to cybersecurity is necessary, with a focus on having a plan and being able to withstand and manage through an attack.AI and machine learning play a role in cybersecurity, but there is a need for continuous testing and governance to prevent manipulation of outcomes.Key elements of a healthcare organization's incident response plan include team collaboration, incident classification, detection and analysis tools, recovery and retention strategies, and involvement of executives.Collaboration between the CISO, engineering, and IT teams is crucial for creating a strong security posture.Executives in hospital administration play a role in providing oversight and managing through a breach.The C-suite's understanding and prioritization of cyber resilience are evolving.Budgeting and prioritization are important for implementing effective cybersecurity measures.Effective communication and reporting to the C-suite and board of directors are essential.Balancing the adoption of innovative technologies with patient privacy and regulatory compliance is a challenge.Chapters00:00 Introduction and the Need for Proactive Cyber Resilience06:22 Understanding the Operational Side of Cyber Resilience09:10 Key Elements of a Healthcare Organization's Incident Response Plan24:27 Collaboration between CISO, Engineering, and IT for Strong Security26:54 The Evolving Role of the C-Suite in Understanding Cyber Resilience29:51 Budgeting and Prioritization for Effective Cybersecurity33:13 Effective Communication and Reporting to the C-Suite and Board36:08 Balancing Innovation and Patient Privacy in Healthcare
Is this your show?
Claim this listing to keep it up to date, reach guests who want to pitch you, and manage bookings with Guestify.
