BlueDragon Podcast

Podcast by BlueDragon Podcast

English

Technology & Science

More about BlueDragon Podcast

Gain Fresh Perspective on Cloud & AI Technology, Security, Governance, and Auditing. For Decision Makers.

All episodes

20 episodes

S02E10 From Firefighting to Strategy - Jason Brown

This episode of the Blue Dragon podcast features Jason Brown, a seasoned cybersecurity leader, former CISO/vCISO, and author, discussing his book, "Unveiling NIST Cybersecurity Framework 2.0". The conversation centers on the NIST CSF 2.0, emphasizing the critical addition of the "Govern" function. Jason frames the CSF as an excellent introductory framework for building a cybersecurity program, often used in conjunction with the Center for Internet Security (CIS) controls. A key theme is moving cybersecurity beyond a technical "IT problem" and a "checkbox exercise" to a strategic business value driver that builds trust and unlocks revenue. Both speakers highlight the growing global focus on supply chain security (NIST CSF, NIS2, DORA) and the rising personal liability and accountability for CISOs and executives in the US and Europe. The discussion concludes with a deep dive into the importance of a well-structured three-layered documentation approach (Policy, Standard, and Procedure) and a formalized document lifecycle to maintain organizational security maturity. 

LINKS
➰ https://bluedragonpodcast.com
➰ linkedin.com/in/jasonbrown17
➰ jason@jasonbrown.us
➰ https://jasonbrown.us
➰ Book: bit.ly/Unveiling-NIST

CHAPTERS
(00:00:00) Introduction (Guest: Jason Brown, Author)
(00:03:39) Guest Background & Path to Writing NIST CSF 2.0 Book
(00:05:20) Core of NIST CSF 2.0: The addition of the 'Govern' function
(00:06:34) Primary Driver for CSF 2.0: Supply Chain Governance
(00:08:05) CSF's Role: An introductory framework, often paired with CIS Controls
(00:09:21) Security as a Value Driver: Moving past compliance for revenue and trust
(00:11:48) CISO's Role: Building relationships for program and financial support
(00:14:00) Common Mistakes: Failing to assess gaps or focus on the 'how'
(00:15:48) Overview of the Six CSF Functions (Govern, Identify, Protect, Detect, Respond, Recover)
(00:17:43) Prioritizing Governance: It is the hardest step due to changing people
(00:19:32) Overcoming Governance Hurdles: Dialogue with Executive Leadership Teams (ELT)
(00:21:20) Executive Accountability: Personal liability and fines (US SEC, EU NIS2)
(00:25:54) Communicating Value: Use Enterprise Risk instead of technical jargon
(00:27:53) Security as a Business Problem: Not just an IT problem (Jaguar example)
(00:30:41) Engaging Leaders: Involving department heads in identifying critical assets (ID.BE)
(00:32:19) Future CSF Evolution: Expected integration of AI and emerging technologies
(00:33:36) Three-Layered Documentation: Policy (what), Standard (guidelines), Procedure (how-to)
(00:37:05) The Open Policy Framework: Jason's structured documentation approach
(00:38:02) Document Lifecycle: Annual review prevents reliance on outdated, breakable standards
(00:40:04) Personal Updates: Break from writing for family time
(00:40:29) Automotive Industry Security: Brief mention of OT concerns

KEYPOINTS
1. NIST CSF 2.0's "Govern" function is key for a complete cyber program; it is the most critical starting point due to the challenge of changing people.
2. Cybersecurity must be framed as a business value driver and revenue generator, moving past a simple compliance checklist mentality.
3. The CISO's role is strategic: acting as a business enabler by communicating security needs via enterprise risk to the ELT.
4. Global regulations (NIS2, SEC) are increasing personal liability for executives, making robust governance mandatory, not optional.
5. A strong governance structure uses three distinct layers: Policy (public commitment), Standard (confidential guidelines), and Procedure (technical configuration).
6. Security documents must have a formal lifecycle with annual reviews to ensure standards remain current and effective against threats.

28 Oct 2025 - 43 min
S02E09 Inside the mind of a vCISO - Debra Baker

LINKS
➰ BlueDragon Podcast website: https://bluedragonpodcast.com
➰ Book: https://tinyurl.com/CISO-guide
➰ Website: https://TrustedCISO.com
➰ CISO Guide to Cyber Resilience Book: https://amzn.to/3Vt1g0o
➰ LinkedIn: https://www.linkedin.com/in/debrabakernc
➰ TrustedCISO Newsletter: https://bit.ly/TrustedCISO-NewsLetter
➰ CISO Guide Course on Udemy: https://bit.ly/ciso-guide-udemy
➰ Advanced CISO Guide Course on Udemy: https://bit.ly/advanced-ciso-guide
➰ Download the Free Roadmap: https://bit.ly/CISO-Roadmap
➰ YouTube: https://YouTube.com/@TrustedCISO
➰ Linktree: https://linktr.ee/debrabaker

SUMMARY
In this episode of the Blue Dragon podcast, Jetro interviews cybersecurity expert Debra Baker, who shares her extensive experience in the field. They discuss the evolving role of the CISO, the importance of cyber resilience, and the principles that remain true over time. Debra emphasizes the need for organizations to prepare for cyber attacks and recover quickly, highlighting the significance of good backups and incident response plans. The conversation also covers the differences between SOC 2 and ISO 27001 certifications, the role of vCISOs, and the growing importance of supply chain security and operational technology security. Debra provides valuable insights on building effective cybersecurity teams and influencing organizational culture to prioritize security awareness.

CHAPTERS
(00:00:00) INTRO
(00:00:37) Introduction to Cybersecurity and Cyber Resilience
(00:01:56) Understanding Cyber Resilience
(00:04:10) Principles of Cyber Resilience
(00:06:59) Evolution of Cybersecurity Practices
(00:08:42) Experiencing Cyber Attacks
(00:11:29) Advice for Small Teams
(00:13:28) The Limitations of Certifications
(00:17:43) SOC 2 vs. ISO 27001
(00:21:39) Building an Effective Cybersecurity Team
(00:25:26) The Role of a vCISO
(00:26:50) Operational Strategies and Day-to-Day Management
(00:30:12) Navigating Supply Chain Security
(00:32:49) The Rise of OT Security
(00:34:57) Balancing Technical Knowledge and Business Acumen
(00:39:09) Cultivating a Security-Conscious Culture
(00:43:18) The Evolving Role of the CISO and Market Trends

30 Sep 2025 - 46 min
S02E08 Bridging SecOps and Compliance - Purav Desai

In this episode of the Blue Dragon podcast, I interview Purav Desai, a dual Microsoft MVP recognized for his contributions in the fields of SIEM, XDR, and Microsoft Purview compliance. We discuss Purav's journey to becoming an MVP, his role as an incident responder, and the strategic importance of Microsoft Purview in governance and compliance. The conversation also covers the significance of eDiscovery in legal preparedness, common misconceptions about Microsoft security, and the implementation of data classification policies. Purav shares insights on how organizations can start their journey in Microsoft security and the evolution of data protection in collaborative tools like Teams. In this conversation, Purav discusses the balance between automation and human oversight in cybersecurity, emphasizing the importance of understanding processes before automating them. He shares a real-world incident response case that highlights the need for authority and trust in managing security incidents. The discussion also covers the emerging threat of insider risks, particularly in light of layoffs, and how organizations can leverage Microsoft tools to mitigate these risks. Finally, Purav reflects on the choice between adopting a single ecosystem versus a best-of-breed approach in security solutions, and shares his future aspirations in the cybersecurity field. 

LINKS
➰ BlueDragon: bluedragonpodcast.com
➰ Purav Desai's LinkedIn: https://www.linkedin.com/in/purav-da346393/
➰ Purav Desai's Github: https://github.com/PuravsPoint
➰ Purav Desai's DecipheringUAL series: https://github.com/PuravsPoint/DecipheringUAL

CHAPTERS
(00:00:00) INTRO
(00:00:30) Introduction to Purav Desai and His Achievements
(00:03:49) Journey to Becoming a Dual Microsoft MVP
(00:06:25) Role of an M365/Azure Incident Responder
(00:09:04) Understanding Microsoft Purview Compliance and Governance
(00:12:32) eDiscovery and Legal Preparedness
(00:15:24) Common Misconceptions About Microsoft Purview
(00:17:54) Implementing Data Classification Policies
(00:22:54) The Evolution of Data Protection in Teams
(00:26:32) Starting with Microsoft Security for Mid-Sized Organizations
(00:30:04) Mature Endpoint Detection and Response Strategies
(00:32:28) Balancing Automation and Human Oversight
(00:38:09) Real-World Incident Response Lessons
(00:46:10) Navigating European Regulations and Insider Threats
(00:51:55) Ecosystem Choices: Best of Breed vs. All-in-One
(00:55:51) Future Aspirations and Community Contributions
(00:59:36) OUTRO

22 Jul 2025 - 1 h 0 min
S02E07 Quantum Computing for IT Leaders - Johnny Hooyberghs

In this episode of the Blue Dragon podcast, I interview Johnny Hooyberghs, an expert in quantum computing and author of 'Introducing Microsoft Quantum Computing for Developers.' We discuss Johnny's journey into quantum computing, the importance of this technology for businesses, and its current state of development. Johnny explains the potential applications of quantum computing in various industries, the risks it poses to cybersecurity, and how companies can prepare for its future. The conversation also touches on the exciting possibilities of combining quantum computing with AI, and the ongoing efforts in Europe to advance quantum research.

LINKS
➰ https://www.bluedragonpodcast.com
➰ https://www.linkedin.com/in/johnnyhooyberghs/
➰ https://www.involved.be
➰ https://www.quantumcircle.eu
➰ https://bit.ly/QuaCompute

CHAPTERS
(00:00:00) Introduction to Quantum Computing and Johnny's Journey
(00:03:58) The Importance of Quantum Computing for Businesses
(00:06:59) Current State of Quantum Computing Technology
(00:10:02) Real-World Applications and Business Cases
(00:12:55) Preparing for Quantum Computing in Industries
(00:17:38) Quantum Computing and Cybersecurity Risks
(00:20:45) The Future of Quantum Computing and AI
(00:23:36) Conclusion and Future Outlook

10 Jun 2025 - 30 min
S02E06 Build and audit a cybersecurity program - Michael Ratemo

In this episode Jetro interviews Michael Ratemo, a cybersecurity expert and author, discussing his journey from Kenya to becoming a cloud and security leader. They explore essential topics such as cloud governance, identity and access management, the importance of cloud auditing, and cost management in cloud environments. Michael emphasizes the need for a business case before moving to the cloud, the significance of training for IT teams transitioning to cloud operations, and the role of Cloud Security Posture Management (CSPM) in maintaining security. The conversation highlights the dynamic nature of cloud environments and the necessity for continuous monitoring and auditing to ensure security and cost-effectiveness. In this conversation, Michael Ratemo and Jetro discuss the critical aspects of managing cloud operations and cybersecurity. They emphasize the importance of financial discipline in cloud usage, the necessity of a robust cybersecurity program, and the need to view cybersecurity as a business risk rather than just an IT issue. They also explore the concept of cyber resilience and how organizations can prepare for and respond to incidents. Finally, they touch on future trends in cybersecurity, particularly the integration of AI and secure development practices. 

LINKS
➰ https://www.bluedragonpodcast.com
➰ https://www.linkedin.com/in/michael-ratemo
➰ https://www.cybersecuritysimplified.com

CHAPTERS
(00:00:00) INTRO
(00:00:35) Introduction to Michael Ratemo
(00:06:57) Michael's Journey into Cybersecurity
(00:11:54) Cloud Security Governance Essentials
(00:18:10) Identity and Access Management in the Cloud
(00:24:41) The Importance of Cloud Auditing
(00:27:45) Cost Management in Cloud Environments
(00:29:05) Financial Discipline in Cloud Operations
(00:32:44) Building a Robust Cybersecurity Program
(00:41:42) Cybersecurity as a Business Risk
(00:46:58) The Importance of Cyber Resilience
(00:51:40) Future Trends in Cybersecurity and AI

27 May 2025 - 55 min