The Cyber Risk Management Podcast helps executives redefine cybersecurity from primarily a technology problem into a management opportunity. This podcast helps you learn how to manage cybersecurity in the same intelligent and thoughtful way you manage other areas of your business, including sales, order fulfillment, and accounts receivable. The Cyber Risk Management Podcast helps executives to become more proficient cyber risk managers. You will learn how to efficiently and effectively reduc ...
Unraveling the (con)fusion between Tech & Risk Management
EP 159: FTC 2023 Privacy and Data Security Update
50:05
What kinds of unfair trade practices does the FTC look for when it comes to privacy and data security? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
S1E11 Unleash the Power of Agile - Beyond the Buzzword
30:36
Welcome back to ByteWise! In this episode, our very own Agile expert Brian shares his 20 years of experience and knowledge in the field. Brian provides a clear definition of Agile, emphasizing its core principles of breaking down work into manageable chunks, continuous collaboration, and continuous improvement. We learn that Agile is more than just…
EP 158: Business Continuity as a Revenue Generator?
47:07
Is overnight viral success a kind of disruption that the business continuity (BC) discipline can help prepare you for? Let's find out with our guest Erika Andresen, the Founder and Owner of EaaS Consulting, LLC. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Erika's Book, "How to Not K…
S1 E10 Uncovering the Unknown - the Limits and Revelations of Vendor Due Diligence
33:38
In this episode of ByteWise, we take a deeper dive into the intricacies of vendor due diligence, illuminating not only its vital components but also the insights it yields and, more importantly, what remains beyond its scope. We explore the fundamental elements of vendor due diligence, including financial, operational, legal, and compliance assessm…
EP 157: How To Assess Cyber Risk (REPLAY)
49:30
What's the definitive method for assessing cyber risk? Does it exist? How do you do it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. If you want to know more, Kip has a course on LinkedIn Learning you can check out: "IT and Cybersecurity Risk Management Essential Trainin…
S1E9 Beyond the Contract: The Critical "Why" of Vendor Risk Management
32:12
Welcome to Episode 9 of the ByteWise Podcast, where we tackle the often complex and misunderstood world of vendor management. Whether you know it as TPRM (Third-Party Risk Management), VDD (Vendor Due Diligence), VRM (Vendor Risk Management), or simply VM, understanding how to effectively manage your third-party vendors is crucial for every organiz…
What happened in the Change Healthcare cyberattack? What are the impacts and how can cyber resilience be a competitive advantage? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
Welcome to another episode of ByteWise, where today's discussion ventures into the intertwined worlds of Artificial Intelligence (AI) and cybersecurity. We're thrilled to welcome our first-ever guest, Kip Boyle, a leading figure in cyber resilience. As the CEO of Cyber Risk Opportunities and a recognized thought leader, Kip brings a wealth of knowl…
EP 155: Cybersecurity and data privacy in M&A transactions
42:25
The role of cybersecurity and data privacy due diligence when buying or selling a company has gone way up compared to five years ago. Why? And, what's at stake? Let's find out with our guest Brian Levine. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.…
Welcome to our latest podcast episode, where we dive into the exciting world of Artificial Intelligence (AI). We start off by explaining what AI is all about, making it easy for everyone to understand. Our expert guests help break down the basics, showing how AI is not just for tech experts but for anyone interested in the future of technology. We …
EP 154: NIST AI Risk Management Framework, part 2
48:06
Here's part 2 of what's in the NIST Artificial Intelligence Risk Management Framework (NIST AI-RMF)? And, how do you use it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
S1E6 Technical Debt Part 2 - There is so much more to this!
31:29
Welcome back to our podcast series on technical debt! In this episode, we delve deeper into the roots, challenges, and ownership surrounding this pervasive issue in organizations. If you missed the last episode, be sure to catch up on that before diving into this one. Technical debt doesn't just appear out of nowhere; it often has its roots in vari…
EP 153: NIST AI Risk Management Framework, part 1
40:49
What's in the NIST Artificial Intelligence Risk Management Framework (NIST AI-RMF)? And, how do you use it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
In this episode we take on a topic that, while often overlooked, significantly affects nearly every organization: technical debt. At the outset, we give you a brief overview of what to expect from today’s discussion, highlighting the importance of understanding technical debt, not just for developers and IT professionals but for anyone involved in …
EP 152: Boards of Directors and Cybersecurity
47:14
The SEC says that Boards of Directors need cybersecurity expertise. But how exactly does that work? Let's find out with our guest Vanessa Pegueros, former CISO of DocuSign. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
In this insightful episode of the ByteWise podcast, we delve into the intricate world of risk management, information security, and IT, exploring their pivotal roles within the organizational structure. "Where Do We Belong?" sheds light on the various organizational charts that shape these critical functions and their integration into the broader c…
EP 151: Does Ransomware Kill Sick People?
41:36
Is there any reliable evidence that sick people die at a higher rate when their hospital is disabled by ransomware? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. “Hacked to Pieces? The Effects of Ransomware Attacks on Hospitals and Patients” University of Minnesota - Twin …
S1E3 Convincing the Collective - How do we get Folks to listen?
31:15
This episode of "ByteWise" is dedicated to a critical issue faced by risk and technology professionals: gaining organizational buy-in for their initiatives. We begin by exploring why securing buy-in is particularly challenging in the fields of risk and technology. From the rapid pace of technological change to the often intangible nature of risk ma…
EP 150: Privacy Laws Driving Demand for Cybersecurity
40:31
Twelve US states now have major privacy laws, up from only five last year. How is that driving demand for cybersecurity? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
S1E2 What’s the Deal with all these Assessments?
33:32
In this episode of "ByteWise," we're simplifying the complex world of audits and assessments. If you've ever wondered about the differences between an audit, a risk assessment, a vulnerability assessment, a penetration test, and a vulnerability test, then this is the episode for you. We're going back to basics to explain what each of these terms me…
Welcome to episode 1 of ByteWise, where we unravel the (con)fusion between Technology and Risk Management. In this episode, we're diving into the heart of our podcast's mission: exploring the synergistic relationship between Technology, Information Security, and Risk Management. Your hosts, a team of seasoned professionals from each of these critic…
EP 149: The Tools and Rules of Digital Trust
49:03
How do you take a very important, yet ethereal, idea like digital trust and make it more concrete and actionable? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 148: SEC Disclosure Rules on Cybersecurity
38:59
What are the SEC’s new rules for cybersecurity disclosures, including cyber incidents AND annually about cybersecurity risk management and governance? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 147: SEC Complaint against SolarWinds Corporation
49:02
What can we learn about the SEC Complaint against SolarWinds Corporation and Timothy G. Brown? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. EP 96: "Normalizing Greater Accountability For Cybersecurity Fraud" EP 109: "FTC’s Strange Actio…
How can we measure success with cybersecurity? Let's find out with our guest Jared Pfost. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. See Jared's "Security Metrics Reference" here -- https://www.cr-map.com/metrics By Kip Boyle
EP 145: Why Do Employees Keep Ignoring Workplace Cybersecurity Rules?
38:50
Why do employees keep ignoring workplace cybersecurity rules? And, what should cyber risk managers do about it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
Have you heard of a regional cybersecurity conference in the US called SecureWorld? We really like it. So we invited Brad Graver, who’s the president of SecureWorld, to tell us what makes them different from all the other conferences we could go to. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L …
EP 143: The 2023 Verizon Data Breach Investigations Report (DBIR) Part 2
50:11
Let's conclude our look at the 2023 Verizon DBIR report. Today we'll review the data by industry and some other tidbits with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 142: The 2023 Verizon Data Breach Investigations Report (DBIR) Part 1
47:32
Have you read the Verizon DBIR report for 2023? Find out what it contains in the first of two episodes on this extremely useful report with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
What’s going to be in version 2 of the NIST Cybersecurity Framework? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 140: Entry Level IT & Cybersecurity Certifications Are Broken
36:42
Entry level IT and Cybersecurity certifications cost too much and produce too many "paper tigers". How do we fix that? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 139: How to Use Cyber Insurance as a Cyber and Privacy Risk Management Tool
39:22
How does an attorney think about using cyber insurance to manage cyber and privacy risks? Let's find out with our guest Jane Petoskey. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 138: What's With NIST Special Publication 800-171, Revision 3 and CMMC
43:31
How are Revision 3 of NIST Special Publication 800-171 and the Cybersecurity Maturity Model Certification (CMMC) related to each other? Let's find out with our guest Jacob Horne. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 137: How to Make Tabletop Exercises (TTX) Fun!
33:54
Traditional incident response exercises are often boring and awkward. That's why we don't do them, even though we should. Want a new way to get people excited about doing one? Let's learn about a proven innovation with our guest Glen Sorensen. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.…
EP 136: Why Cyber Resilience is a Business Advantage
45:43
An $8 billion company was hit by ransomware and then was sued in court by one of its best customers. What's the connection with cyber resilience? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. "Case Study for Cyber as a Material Business Risk" -- https://www.cr-map.com/12…
Is the idea of measuring cyber risk "hooey!" as one of the InfoSec godfathers once said? Let's find out with our guest Ryan Leirvik. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Ryan's book "Understand, Manage, and Measure Cyber Risk: Practical Solutions for Creating a Sustainable Cyb…
EP 134: The Business Value of Business Continuity
44:48
Is there any business value in “business continuity”? If so, how can we explain it so anyone can understand? Our guest is Erika Andresen, the Founder and Owner of EaaS Consulting, LLC. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Erika's Book, "How to Not Kill Your Business" -- https:/…
EP 133: ChatGPT and Cyber Risk Management
42:54
Can ChatGPT help us manage Cyber Risk? Can any generative artificial intelligence be helpful? If so, how? And are there any limitations? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Suggested "ChatGPT Prompt Engineering" course by Sean Melis: https://www.udemy.com/cours…
EP 132: Helping Activists Operating Under a Repressive Regime
41:00
How would you help political and human rights activists stay safe while using digital communications as they live under a repressive regime? One of us has been doing it for almost a year and he'll tell you. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.…
EP 131: How Identity Really Works on the Internet Today
45:14
What does identity on the Internet mean? What does the failure of identity cost us? Do we need to make any changes to the way we do digital identity? Let's find out with our guest, Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA). Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernst…
What's the definitive method for assessing cyber risk? Does it exist? How do you do it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. If you want to know more, Kip has a course on LinkedIn Learning you can check out: "IT and Cybersecurity Risk Management Essential Trainin…
EP 129: Some Other Things I've Made for You
29:42
Beyond this podcast, I've made a lot of resources (most are free) to help you. In fact, you can now download a six page list of them all. Let me quickly skim through that list with you in this episode. I'm your host, Kip Boyle, CISO with Cyber Risk Opportunities. You can download "the list" here -- https://www.cr-map.com/thelist …
EP 128: Secrets of Cyber Risk Management at Non-Profits
33:52
Are non-profits at risk for cyber exploitation? If so, why? And what should they do about it? Let's find out with our guest, Lew Bader, the Finance Director at "Counseling In Schools". Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 127: Proactively Protect Your Reputation (#1 digital asset)
40:54
How do you proactively protect your #1 digital asset, which is your reputation? Let's find out with our guest, Sameer Somal, the CEO of Blue Ocean Global Technology. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Mentioned during this episode: "The effects of cyberattacks on corporate rep…
EP 126: Due diligence as a Risk Management Approach
45:41
Can you “demonstrate due diligence to a defensible standard of care” as your risk management approach? This would replace "red/yellow/green" approaches or advanced statistics. Let's find out with our guest, Karen Worstell, who is a “Senior Cybersecurity Strategist” and a “CxO Security Advisor” with VMware. Your hosts are Kip Boyle, CISO with Cyb…
EP 125: Applied Security Design Principles
50:45
There are many security design principles we can use to build and evaluate products and services. Can we use them to understand the LastPass incidents from late 2022? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 124: Case Study for Cyber as a Material Business Risk
46:20
A $100 million Texas company called “United Structures of America” got struck by ransomware in 2019. You'll be surprised at what happened next. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. “Cyber Extortion of Patients”--https://cr-map.com/podcast/51/ “Quick Look at the ‘Essential Eight’ …
EP 123: How to Really Reduce the Risk of People Falling for Phishing
41:18
What can we learn from a recently released research report called “Phishing in Organizations: Findings from a Large-Scale and Long-Term Study”? Let’s find out with our guest, Jason Rebholz, the CISO of Corvus Insurance. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Jason Rebholz prior gues…
What's our "best episode" of 2022? This one had the highest number of downloads. Let's find out which one it was with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
What are the biggest, yet wrong, ideas that float around all the time and often cause senior decision makers to make poor decisions? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. “Compliance Versus Practicing Cybersecurity” https://www.cr-map.com/12 “Busted: The Truth abou…