
This GitHub page shows the CISO Tradecraft Podcast broken down by Topic


shagtoth/CISOTradecraftPodcast

 
 


CISO Tradecraft®

Want to learn about cyber security?

CISO Tradecraft® provides fun and engaging podcasts on the Top 10 Cybersecurity Topic Domains. Whether you're a newbie or an expert, there's important tradecraft here for everyone to learn.

Subscribe to get the latest content. THANK YOU!

Topic Domains

CISO Role
Business Management & Leadership
Defensive Technologies
Detection and Response Capabilities
Enabling Technologies
Governance
Identity & Access Management
Laws, Regulations, & Oversight
Product Security
Risk Management
Security Culture
Other Topics

CISO Role

This topic is used to increase understanding about the position of a Chief Information Security Officer (CISO). It also provides tips to help cyber executives succeed, such as Building a Cyber Strategy.

Business Management & Leadership

Business Management & Leadership is an essential skill for executives to lead and influence others. These soft skills are critical to organizations where politics requires effective leaders to implement change via large collaboration efforts.

Defensive Technologies

Defensive Technologies is about creating defense in depth in an organization to protect against a multitude of attacks. Knowledge of these domains is key as it’s one of the most common things auditors assess in an organization since it’s required for things like PCI compliance.

Detection and Response Capabilities

Detection & Response Capabilities is about creating an organization to identify how attackers might circumvent your organization’s defensive technologies. Since 100% protection isn’t achievable, it’s about effective incident response to cyber incidents such as ransomware or business email compromise. This section also includes Offensive Security Concepts, Business Continuity, and Disaster Recovery Planning.

Enabling Technologies

Enabling Technologies is about enabling businesses to create digital transformation. This is helpful when organizations feel their technology is dated and want to adopt newer technologies such as Artificial Intelligence, 5G, Internet of Things, Serverless Computing, Biometrics, Augmented/Virtual Reality, Blockchain, Robotics, Natural Language Processing, Quantum Computing, etc. Essentially this type of CISO focuses on technology transformation to enable the business.

Governance

Governance is about understanding what technology your organization uses so you can effectively manage it through a process. This can be particularly helpful when you need a CISO who can optimize how your resources are spent.

Identity & Access Management

Identity & Access Management is about limiting the scope of an attacker who could cause harm to your organization. This is a key skill set for organizations that use lots of technologies from external vendors/providers. This knowledge is also helpful for organizations where data sharing agreements with partners and third parties are common.

Laws, Regulations, & Oversight

Laws, Regulations, and Oversight is about ensuring compliance with appropriate laws and regulations. This is particularly useful in highly regulated industries (Financial Services or Medical Industry). Organizations that are coming out of a data breach scenario are also likely to find increased scrutiny by regulators/auditors.

Product Security

Product Security is focused on ensuring developers write secure code. This can be a competitive advantage for organizations that build large amounts of custom code.

Risk Management

Risk Management is about effectively identifying the biggest risks to the company, the likelihood and magnitude of an attack, and how much it costs to remediate. This is helpful for organizations that want more transparency.

Security Culture

Security Culture is about building an organization where the entire company becomes resilient. Building culture requires a strong focus on promoting security awareness and training so employees don’t click malicious links or send sensitive data outside the company.

Other Topics

Helpful Topics to improve the quality of life for Cyber Executives
