Artwork

Inhalt bereitgestellt von Dr. Eric Cole. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Dr. Eric Cole oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
Player FM - Podcast-App
Gehen Sie mit der App Player FM offline!

Cybersecurity Metrics

31:38
 
Teilen
 

Manage episode 436912695 series 3381995
Inhalt bereitgestellt von Dr. Eric Cole. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Dr. Eric Cole oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.

In this episode of Life of a CISO, Dr. Eric Cole delves into the critical challenge of measuring cybersecurity effectiveness, emphasizing the flawed approach many organizations take. He highlights that many companies mistakenly believe that if no visible attacks are detected, their cybersecurity is successful. However, this mentality overlooks the reality that many breaches go unnoticed due to inadequate detection mechanisms. Dr. Cole argues that relying on a lack of detected attacks as a metric for success is both misguided and dangerous, as it often means that companies aren't looking in the right places or using the right metrics to gauge their security posture.

Dr. Cole also explores the systemic issues within organizations that hinder effective cybersecurity. He points out the problematic structure where CISOs report to CIOs, who are primarily focused on availability and uptime, leading to conflicts of interest that compromise security. Dr. Cole advocates for a shift in responsibility and authority, urging companies to recognize that cybersecurity requires independent oversight and clear, measurable metrics that go beyond simply preventing visible attacks. He stresses the need for a fundamental change in how organizations approach cybersecurity, including holding decision-makers accountable for risks and ensuring that security is not sacrificed for convenience or functionality.

  continue reading

101 Episoden

Artwork
iconTeilen
 
Manage episode 436912695 series 3381995
Inhalt bereitgestellt von Dr. Eric Cole. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Dr. Eric Cole oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.

In this episode of Life of a CISO, Dr. Eric Cole delves into the critical challenge of measuring cybersecurity effectiveness, emphasizing the flawed approach many organizations take. He highlights that many companies mistakenly believe that if no visible attacks are detected, their cybersecurity is successful. However, this mentality overlooks the reality that many breaches go unnoticed due to inadequate detection mechanisms. Dr. Cole argues that relying on a lack of detected attacks as a metric for success is both misguided and dangerous, as it often means that companies aren't looking in the right places or using the right metrics to gauge their security posture.

Dr. Cole also explores the systemic issues within organizations that hinder effective cybersecurity. He points out the problematic structure where CISOs report to CIOs, who are primarily focused on availability and uptime, leading to conflicts of interest that compromise security. Dr. Cole advocates for a shift in responsibility and authority, urging companies to recognize that cybersecurity requires independent oversight and clear, measurable metrics that go beyond simply preventing visible attacks. He stresses the need for a fundamental change in how organizations approach cybersecurity, including holding decision-makers accountable for risks and ensuring that security is not sacrificed for convenience or functionality.

  continue reading

101 Episoden

Усі епізоди

×
 
Loading …

Willkommen auf Player FM!

Player FM scannt gerade das Web nach Podcasts mit hoher Qualität, die du genießen kannst. Es ist die beste Podcast-App und funktioniert auf Android, iPhone und im Web. Melde dich an, um Abos geräteübergreifend zu synchronisieren.

 

Kurzanleitung

Hören Sie sich diese Show an, während Sie die Gegend erkunden
Abspielen