Cyber Insurance News & Information Podcast
"You can be a hundred percent compliant and still be breached." Joshua Brown [https://www.linkedin.com/in/brownjosh], Chief Information Security Officer at Spektrum Labs, joins Martin Hinton to dismantle the industry's most expensive assumption: that passing an audit means being secure. Brown explains why GRC failed to deliver better security outcomes, why attestations expire the moment they're made, and what happens on the other 364 days of the year. The conversation covers the "cyber poverty line" facing small businesses, why insurers are suing MSSPs after client breaches, how continuous control validation could replace the questionnaire, the Sophos Insurability FastTrack partnership, and the elevator question every CISO dreads: "Are we secure?" Brown's answer, and the question he'd replace it with, closes the show. Key moments: 02:05 — What is GRC and why has it failed? 08:03 — The cyber poverty line 17:00 — A flight recorder for resilience 22:00 — Attestations vs. proof in cyber insurance 45:01 — Small businesses and the security gap 01:03:49 — The question CEOs should ask instead Read the full article at Cyber Insurance News & Information: https://cyberinsurancenews.org/cyber-insurance-joshua-brown-spektrum-labs-podcast/ [https://cyberinsurancenews.org/cyber-insurance-joshua-brown-spektrum-labs-podcast/] Related coverage: Spektrum's Fusion platform launch, the Sophos partnership, and Max Perkins's January episode are all at cyberinsurancenews.org.
46 episodios
Comentarios
0Sé la primera persona en comentar
¡Regístrate ahora y únete a la comunidad de Cyber Insurance News & Information Podcast!