The Cyber Risk Management Podcast helps executives redefine cybersecurity from primarily a technology problem into a management opportunity. This podcast helps you learn how to manage cybersecurity in the same intelligent and thoughtful way you manage other areas of your business, including sales, order fulfillment, and accounts receivable. The Cyber Risk Management Podcast helps executives to become more proficient cyber risk managers. You will learn how to efficiently and effectively reduc ...
EP 164: Why are we so bad at vulnerability management?
36:00
Vulnerability management is really difficult, especially at scale. And after 20+ years that's still true. Our guest Alex Wood, who's the CISO of Uplight, will help us understand why and consider practical suggestions for getting better. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Alex W…
Self-care is a crucial yet seldom discussed topic. Why is that? How should we be taking care of ourselves and why? Let's find out with our guest Chris Roberts, who most recently was the CISO of Boom Supersonic. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Chris Roberts' LinkedIn Profile …
EP 162: Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), part 2
47:59
Let's continue unpacking the "Cyber Incident Reporting for Critical Infrastructure Act". What else do you need to know? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 161: Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA)
48:16
CIRCIA stands for the "Cyber Incident Reporting for Critical Infrastructure Act". But what does it really mean? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 160: How to Find Your Top 5 Cyber Risks
46:22
You can find your top 5 cyber risks using a “top down” approach with the NIST Cybersecurity Framework. Along the way, you can shift your organization towards better practice of reasonable cybersecurity. Know how? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. You can see ou…
EP 159: FTC 2023 Privacy and Data Security Update
50:05
What kinds of unfair trade practices does the FTC look for when it comes to privacy and data security? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 158: Business Continuity as a Revenue Generator?
47:07
Is overnight viral success a kind of disruption that the business continuity (BC) discipline can help prepare you for? Let's find out with our guest Erika Andresen, the Founder and Owner of EaaS Consulting, LLC. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Erika's Book, "How to Not K…
EP 157: How To Assess Cyber Risk (REPLAY)
49:30
What's the definitive method for assessing cyber risk? Does it exist? How do you do it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. If you want to know more, Kip has a course on LinkedIn Learning you can check out: "IT and Cybersecurity Risk Management Essential Trainin…
What happened in the Change Healthcare cyberattack? What are the impacts and how can cyber resilience be a competitive advantage? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 155: Cybersecurity and data privacy in M&A transactions
42:25
The role of cybersecurity and data privacy due diligence when buying or selling a company has gone way up compared to five years ago. Why? And, what's at stake? Let's find out with our guest Brian Levine. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.…
EP 154: NIST AI Risk Management Framework, part 2
48:06
Here's part 2 of what's in the NIST Artificial Intelligence Risk Management Framework (NIST AI-RMF)? And, how do you use it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 153: NIST AI Risk Management Framework, part 1
40:49
What's in the NIST Artificial Intelligence Risk Management Framework (NIST AI-RMF)? And, how do you use it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 152: Boards of Directors and Cybersecurity
47:14
The SEC says that Boards of Directors need cybersecurity expertise. But how exactly does that work? Let's find out with our guest Vanessa Pegueros, former CISO of DocuSign. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 151: Does Ransomware Kill Sick People?
41:36
Is there any reliable evidence that sick people die at a higher rate when their hospital is disabled by ransomware? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. “Hacked to Pieces? The Effects of Ransomware Attacks on Hospitals and Patients” University of Minnesota - Twin …
EP 150: Privacy Laws Driving Demand for Cybersecurity
40:31
Twelve US states now have major privacy laws, up from only five last year. How is that driving demand for cybersecurity? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 149: The Tools and Rules of Digital Trust
49:03
How do you take a very important, yet ethereal, idea like digital trust and make it more concrete and actionable? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 148: SEC Disclosure Rules on Cybersecurity
38:59
What are the SEC’s new rules for cybersecurity disclosures, including cyber incidents AND annually about cybersecurity risk management and governance? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 147: SEC Complaint against SolarWinds Corporation
49:02
What can we learn about the SEC Complaint against SolarWinds Corporation and Timothy G. Brown? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. EP 96: "Normalizing Greater Accountability For Cybersecurity Fraud" EP 109: "FTC’s Strange Actio…
How can we measure success with cybersecurity? Let's find out with our guest Jared Pfost. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. See Jared's "Security Metrics Reference" here -- https://www.cr-map.com/metrics By Kip Boyle
EP 145: Why Do Employees Keep Ignoring Workplace Cybersecurity Rules?
38:50
Why do employees keep ignoring workplace cybersecurity rules? And, what should cyber risk managers do about it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
Have you heard of a regional cybersecurity conference in the US called SecureWorld? We really like it. So we invited Brad Graver, who’s the president of SecureWorld, to tell us what makes them different from all the other conferences we could go to. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L …
EP 143: The 2023 Verizon Data Breach Investigations Report (DBIR) Part 2
50:11
Let's conclude our look at the 2023 Verizon DBIR report. Today we'll review the data by industry and some other tidbits with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 142: The 2023 Verizon Data Breach Investigations Report (DBIR) Part 1
47:32
Have you read the Verizon DBIR report for 2023? Find out what it contains in the first of two episodes on this extremely useful report with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
What’s going to be in version 2 of the NIST Cybersecurity Framework? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 140: Entry Level IT & Cybersecurity Certifications Are Broken
36:42
Entry level IT and Cybersecurity certifications cost too much and produce too many "paper tigers". How do we fix that? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 139: How to Use Cyber Insurance as a Cyber and Privacy Risk Management Tool
39:22
How does an attorney think about using cyber insurance to manage cyber and privacy risks? Let's find out with our guest Jane Petoskey. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 138: What's With NIST Special Publication 800-171, Revision 3 and CMMC
43:31
How are Revision 3 of NIST Special Publication 800-171 and the Cybersecurity Maturity Model Certification (CMMC) related to each other? Let's find out with our guest Jacob Horne. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 137: How to Make Tabletop Exercises (TTX) Fun!
33:54
Traditional incident response exercises are often boring and awkward. That's why we don't do them, even though we should. Want a new way to get people excited about doing one? Let's learn about a proven innovation with our guest Glen Sorensen. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.…
EP 136: Why Cyber Resilience is a Business Advantage
45:43
An $8 billion company was hit by ransomware and then was sued in court by one of its best customers. What's the connection with cyber resilience? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. "Case Study for Cyber as a Material Business Risk" -- https://www.cr-map.com/12…
Is the idea of measuring cyber risk "hooey!" as one of the InfoSec godfathers once said? Let's find out with our guest Ryan Leirvik. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Ryan's book "Understand, Manage, and Measure Cyber Risk: Practical Solutions for Creating a Sustainable Cyb…
EP 134: The Business Value of Business Continuity
44:48
Is there any business value in “business continuity”? If so, how can we explain it so anyone can understand? Our guest is Erika Andresen, the Founder and Owner of EaaS Consulting, LLC. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Erika's Book, "How to Not Kill Your Business" -- https:/…
EP 133: ChatGPT and Cyber Risk Management
42:54
Can ChatGPT help us manage Cyber Risk? Can any generative artificial intelligence be helpful? If so, how? And are there any limitations? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Suggested "ChatGPT Prompt Engineering" course by Sean Melis: https://www.udemy.com/cours…
EP 132: Helping Activists Operating Under a Repressive Regime
41:00
How would you help political and human rights activists stay safe while using digital communications as they live under a repressive regime? One of us has been doing it for almost a year and he'll tell you. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.…
EP 131: How Identity Really Works on the Internet Today
45:14
What does identity on the Internet mean? What does the failure of identity cost us? Do we need to make any changes to the way we do digital identity? Let's find out with our guest, Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA). Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernst…
What's the definitive method for assessing cyber risk? Does it exist? How do you do it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. If you want to know more, Kip has a course on LinkedIn Learning you can check out: "IT and Cybersecurity Risk Management Essential Trainin…
EP 129: Some Other Things I've Made for You
29:42
Beyond this podcast, I've made a lot of resources (most are free) to help you. In fact, you can now download a six page list of them all. Let me quickly skim through that list with you in this episode. I'm your host, Kip Boyle, CISO with Cyber Risk Opportunities. You can download "the list" here -- https://www.cr-map.com/thelist …
EP 128: Secrets of Cyber Risk Management at Non-Profits
33:52
Are non-profits at risk for cyber exploitation? If so, why? And what should they do about it? Let's find out with our guest, Lew Bader, the Finance Director at "Counseling In Schools". Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 127: Proactively Protect Your Reputation (#1 digital asset)
40:54
How do you proactively protect your #1 digital asset, which is your reputation? Let's find out with our guest, Sameer Somal, the CEO of Blue Ocean Global Technology. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Mentioned during this episode: "The effects of cyberattacks on corporate rep…
EP 126: Due diligence as a Risk Management Approach
45:41
Can you “demonstrate due diligence to a defensible standard of care” as your risk management approach? This would replace "red/yellow/green" approaches or advanced statistics. Let's find out with our guest, Karen Worstell, who is a “Senior Cybersecurity Strategist” and a “CxO Security Advisor” with VMware. Your hosts are Kip Boyle, CISO with Cyb…
EP 125: Applied Security Design Principles
50:45
There are many security design principles we can use to build and evaluate products and services. Can we use them to understand the LastPass incidents from late 2022? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 124: Case Study for Cyber as a Material Business Risk
46:20
A $100 million Texas company called “United Structures of America” got struck by ransomware in 2019. You'll be surprised at what happened next. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. “Cyber Extortion of Patients”--https://cr-map.com/podcast/51/ “Quick Look at the ‘Essential Eight’ …
EP 123: How to Really Reduce the Risk of People Falling for Phishing
41:18
What can we learn from a recently released research report called “Phishing in Organizations: Findings from a Large-Scale and Long-Term Study”? Let’s find out with our guest, Jason Rebholz, the CISO of Corvus Insurance. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Jason Rebholz prior gues…
What's our "best episode" of 2022? This one had the highest number of downloads. Let's find out which one it was with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
What are the biggest, yet wrong, ideas that float around all the time and often cause senior decision makers to make poor decisions? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. “Compliance Versus Practicing Cybersecurity” https://www.cr-map.com/12 “Busted: The Truth abou…
EP 120: The 2022 Verizon Data Breach Investigations Report (DBIR) Part 2
37:30
Let's conclude our look at the 2022 Verizon DBIR report. Today we'll review the data by industry and some other tidbits with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 119: The 2022 Verizon Data Breach Investigations Report (DBIR) Part 1
50:40
Have you read the Verizon DBIR report for 2022? Find out what it contains in the first of two episodes on this extremely useful report with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. By Kip Boyle
EP 118: Chief Operating Officer is also CISO
36:33
What if your Chief Operating Officer was also your Chief Information Security Officer? What would that be like? And, who would do it? Let's find out with our guest, Peter Hitschler the COO of Tri Tech Manufacturing. Your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.…
EP 117: Cyber Risk Management During Company Acquisition
44:10
How can Deal Teams and M&A Teams understand and manage cyber risk so they can make better business decisions during the company acquisition process? Let's find out with our guest, Shay Colson, the Managing Partner at Coastal Cyber Risk Advisors, LLC. Your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gat…
EP 116: Update of State Data Security Laws
41:14
Did you know there’s an avalanche of state and federal privacy laws and regulations that are either being actively debated or have been passed and will soon take effect starting in January 2023? Let’s find out which ones matter most with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.…
EP 115: Insurance Companies as Cybersecurity Leaders
43:18
Can the insurance industry find a way to reduce the rate of major cyber incidents like it did by promoting airbags to reduce highway death rates or sprinklers for buildings reducing fire deaths? Let's find out with our guest Andy Anderson, CEO of DataStream Cyber Insurance. Your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernst…