))
Enterprise Security from Healthcare to GE: Accountability, Strategy, and Value Creation with Bob Chaput
Manage episode 446364490 series 3595674
Kandungan disediakan oleh Secure Talk and Justin Beals. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh Secure Talk and Justin Beals atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
My first SOC 2 audit as a Chief Technology Officer felt like performance art. Here we were, dancing to the tune of an auditor that had never built a web application, let alone a business. So many of their playbooks were repeated from other businesses and didn’t make us more secure. When we were done I was certainly glad to show off our new ‘certification’ but I wondered how I could implement great security and create value for my company.
In this compelling episode of Secure Talk, host Justin interviews Bob Chaput, a seasoned CISO and cybersecurity leader with a rich background in the healthcare sector. The conversation traverses Bob’s extensive career, from his early days at GE to establishing Johnson & Johnson’s first information security program. Bob shares profound insights from his book, 'Cyber Risk Management as a Value Creator,' illustrating the shift of cybersecurity from a defensive necessity to a strategic business driver. They explore the critical role of governance, regulatory accountability, and the implementation of risk management frameworks like the NIST cybersecurity framework. Using real-world cases like Equifax’s post-breach recovery, Bob elucidates the tangible business value of robust cybersecurity measures. Learn about budgeting for cybersecurity, fostering organizational engagement, and integrating security into business operations for enhanced resilience and customer trust. This episode is a treasure trove for experts looking to transform their cybersecurity approach into a strategic advantage.
Book: Enterprise Cyber Risk Management as a Value Creator
https://bobchaput.com/enterprise-cyber-risk-management-as-a-value-creator/
00:00 Welcome to SecureTalk: Introduction and Host Overview
00:41 The Importance of Scope in Cybersecurity
02:58 Introducing Bob Chaput: Cybersecurity Expert
04:45 Bob Chaput's Career Journey
08:17 Enterprise Cyber Risk Management as a Value Creator
12:20 The Role of Regulations and Accountability in Cybersecurity
17:26 Strategic Approach to Enterprise Cyber Risk Management
21:33 Risk and Opportunity Assessment in Cybersecurity
26:47 Leveraging Security Practices for Business Value
27:58 The Impact of Cybersecurity on Business Value
28:56 Clearwater's Role in Enhancing Cybersecurity
31:03 The ECRM Budget Philosophy
32:59 Maxims for Effective Cyber Risk Management
35:59 Building a Team Sport Culture in Cybersecurity
40:47 Foundational Components of ECRM
44:19 Challenges in Third-Party Risk Management
49:25 Clearwater's Journey and Future Prospects
206 episod
Kongsi
