Imagine stepping into a role and discovering your predecessor had been severely underreporting vulnerabilities, leaving your systems 300 days behind on patches. Join G Mark Hardy and Ross Young in this riveting episode of CISO Tradecraft as they unveil a startling real-world scenario and a proven strategy to revolutionize your patching process. Learn how to tackle the ever-growing number of vulnerabilities, leverage AI and automation, and instill a culture of accountability and gamification among your team. With expert insights and practical steps, this episode is a must-watch for every cybersecurity leader looking to stay ahead of threats and secure their organization's future.

Big thanks to our sponsor, Forcepoint. Check out how they can help you shut down ShadowAI. https://www.forcepoint.com/resources/ebooks/shadow-ai-security-guide?utm_source=linkedin&sf_src_cmpid=701a600000exxd7AAA&utm_medium=display&utm_content=AW_NC_LinkedInAds_October25_ban&utm_campaign=LinkedInAds_October25

Note slides can be found here: https://www.linkedin.com/posts/mrrossyoung_patch-or-perish-activity-7389964440546471936--I_F?utm_source=share&utm_medium=member_desktop&rcm=ACoAABnnk5MBYbK8I-lYgI25f6ro7t6rOeP-Ods

Chapters

00:00 Introduction: The CISO Challenge 00:31 The Importance of Data Security 01:05 Welcome to CISO Tradecraft 02:01 Ross Young's Patching Journey 03:34 The Growing Threat of Vulnerabilities 05:16 AI and Cybersecurity 07:34 Developing a Comprehensive Security Approach 10:51 Accountability and Metrics 15:30 Improving Vulnerability Management Processes 19:28 Advanced Tooling and Automation 23:16 Future Trends in Cybersecurity 27:06 Conclusion: Adapting to the Future

In this episode of CISO Tradecraft, G Mark Hardy and Ross Young dive into part two of their series on cybersecurity budgets. Continuing from where they left off, they discuss the OWASP Threat and Safeguard Matrix (TaSM), effective protection scoring, and practical strategies to enhance your budget management as a CISO. Learn about the importance of understanding material threats, leveraging AI, and employing tools like murder boards to optimize security practices. Ross also shares inside tips for negotiating master service agreements and improving organizational processes, all aimed at making you a more effective security leader.

Welcome to another episode of CISO Tradecraft! Join G Mark Hardy and Ross Young as they dive deep into strategies for maximizing your security budget while minimizing waste. Ross, the author of the soon-to-be-released 'Cybersecurity's Dirty Secret,' shares insights from his 20-year career, including his time at the CIA, Capital One, and Caterpillar Financial. Get expert tips on zero-based budgeting, total cost of ownership, avoiding meeting waste, and more. Don't miss this episode if you want to learn how to make every cybersecurity dollar count!

Free Templates: https://www.cisotradecraft.com/store

Course: https://www.cisotradecraft.com/course-master-the-budget-game-in-cybersecurity