To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Artwork

Tech Business Cyber Cybersecurity Intelligence Risk Security Nisos Investigative Threats
Content provided by Nisos, Inc.. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Nisos, Inc. or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

the CYBER5 « »
Building and Implementing Security Programs within Fast Growing Technology Companies

27:36
 
Play
Playing
Share
 

MP3Episode home
Manage episode 323720303 series 3331602
Content provided by Nisos, Inc.. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Nisos, Inc. or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

In episode 51 of The Cyber5, we are joined by Chris Castaldo. Chris is the Chief Information Security Officer for CrossBeam and has been CISO for a number of emerging technology companies.

In this episode, we talk about his newly released book, “Startup Secure” and how different growth companies can implement security at different funding stages. He also talks about the reasons security professionals should want to be a start-up CISO at a growing technology company and how success can be defined as a first time CISO. We also talk about how start up companies can avoid ransomware events in a landscape that is not only constantly changing but also gives little advantage for defenders of small and medium sized enterprises.

Two Topics Covered in this Episode:

  1. 4 Security Lessons for Founders of Start-up Technology Companies

When a B2B company is pre-seed or before Series A funding, customers might have leeway for lax cybersecurity controls. However, after an A round, policies, certifications (SOC2 or ISO27001), procedures will be required to ensure customer data is staying safe. A B2C technology company might not be asked by the public for certifications, but auditors and regulators may. Basic policies include:

  1. Single Sign-On or an Okta authentication into applications, cloud, and workstations
  2. Password management implementation (LassPass or OnePassword)
  3. Encryption at rest and transit
  4. Vulnerability scanning
  1. Combating Ransomware from The Inside-Out Approach and Integrating Threat Intelligence

Blocking and tackling from inside-out to get in front of ransomware is challenging. The simple items to tackle are the following:

  1. Auto-updates for patch management on operating systems
  2. Endpoint Detection and Response products
  3. Proper asset management to have full visibility on all network devices and services

At the point when resilience and compliance controls are in place and an organization can bounce back from an incident in a timely manner, adversary insights via threat intelligence is a logical next step.

  continue reading

91 episodes

#Tech #Business #Cyber #Cybersecurity #Intelligence #Risk #Security #Nisos #Investigative #Threats
Artwork

Building and Implementing Security Programs within Fast Growing Technology Companies

the CYBER5

published

Play Playing
iconShare
 
MP3Episode home
Manage episode 323720303 series 3331602
Content provided by Nisos, Inc.. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Nisos, Inc. or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

In episode 51 of The Cyber5, we are joined by Chris Castaldo. Chris is the Chief Information Security Officer for CrossBeam and has been CISO for a number of emerging technology companies.

In this episode, we talk about his newly released book, “Startup Secure” and how different growth companies can implement security at different funding stages. He also talks about the reasons security professionals should want to be a start-up CISO at a growing technology company and how success can be defined as a first time CISO. We also talk about how start up companies can avoid ransomware events in a landscape that is not only constantly changing but also gives little advantage for defenders of small and medium sized enterprises.

Two Topics Covered in this Episode:

  1. 4 Security Lessons for Founders of Start-up Technology Companies

When a B2B company is pre-seed or before Series A funding, customers might have leeway for lax cybersecurity controls. However, after an A round, policies, certifications (SOC2 or ISO27001), procedures will be required to ensure customer data is staying safe. A B2C technology company might not be asked by the public for certifications, but auditors and regulators may. Basic policies include:

  1. Single Sign-On or an Okta authentication into applications, cloud, and workstations
  2. Password management implementation (LassPass or OnePassword)
  3. Encryption at rest and transit
  4. Vulnerability scanning
  1. Combating Ransomware from The Inside-Out Approach and Integrating Threat Intelligence

Blocking and tackling from inside-out to get in front of ransomware is challenging. The simple items to tackle are the following:

  1. Auto-updates for patch management on operating systems
  2. Endpoint Detection and Response products
  3. Proper asset management to have full visibility on all network devices and services

At the point when resilience and compliance controls are in place and an organization can bounce back from an incident in a timely manner, adversary insights via threat intelligence is a logical next step.

  continue reading

91 episodes

#Tech #Business #Cyber #Cybersecurity #Intelligence #Risk #Security #Nisos #Investigative #Threats

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Quick Reference Guide

Top Podcasts
The Bill Simmons Podcast
PTI
First Take
Marketplace
Comedy of the Week
The Bugle
How Did This Get Made?
Doug Loves Movies
Planet Money
TED Talks Daily
NBC Nightly News with Lester Holt
The World This Hour
Daily Boost Motivation and Coaching
Radiolab
Science Friday
This American Life
Criminal
Sword and Scale
In The Dark
Player FM logo
Help/FAQ | Upgrade | Advertise
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2024 | Sitemap | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox