Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
İçerik Allan Alford tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Allan Alford veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
The Cyber Ranch Podcast benzeri
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Get the most out of your home theater with the latest advances, product reviews, and all things audio and video. Every Thursday, Scott Wilkinson shares his expertise, energy, and enthusiasm about how to make your A/V system sound and look its best. In this short-format podcast, Scott brings you news, reviews, interviews, and commentary, and answers your questions. You can join Club TWiT for $7 a month and get ad-free audio and video feeds for all our shows plus everything else the club offer ...
…
continue reading
Player FM - Podcast Uygulaması
Player FM uygulamasıyla çevrimdışı Player FM !
Player FM uygulamasıyla çevrimdışı Player FM !
))
The Case for Regulation with Tim Brown
Manage episode 441736469 series 2932664
İçerik Allan Alford tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Allan Alford veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest today is Tim Brown. If you don’t’ know who Tim Brown is, he is the CISO at SolarWinds, and as such, is one of us.
Or maybe in a way, he is all of us, really. Tim advises and has held various other roles in the past, including product roles, which our listeners know are well-respected skills down at the 'Ranch.
The topic today is cyber regulation. It can range from self-regulation to associations, principles, practices, lobbying – all the way up to full government regulation. What works? What’s required?
Topics covered:
- What is the case for regulation?
- What are the basics rules to provide us coverage and clarity?
- Not knowing the rules makes people nervous and afraid...
- Document your own processes, procedures, JDs, what you do, what you don't do. Make it clear!
- Rigorous banking industry regulations exist already. How onerous are they? How badly would they fit the rest of us?
- Perhaps a GAAP (generally accepted accounting principles) equivalent is desired?
- Process/procedure vs. 'Thou shalt never have a vulnerability!'
- Heavy-handed governmental oversight - defining standard of care and turning that into something people can stand behind?
- Remember that Sarbanes and Oxley were people. Real people.
- Is regulation required to create a more positive environment in the way SOX does?
- What does the public-private partnership need so that the rules created are good and realistic and improve cybersecurity for the world?
- REGULATION IS COMING! THE CISO COMMUNITY MUST BE A PART OF THAT REGULATION!
- Have we had a cyber Enron, and do we need one? That was the real catastrophe that launched SOX...
- Regarding GAAP, accounting is deterministic vs. dynamic - Can a cyber GAPP ever exist given how dynamic we are?
- The compliance world: principles based vs. rules based regulation - a more practical model. It may not move the bar enough, but it's a good starting point.
- Should a whole field of security auditors existing like accounting auditors do?
- We are youngsters in this craft still...
- Is the accounting world really the best metaphor? Auditors, forensic accountants, etc.?
- Another model is the medical world - malpractice, specific rules and regulations on specific surgical practices?
- What about a national CISO board or association like the NACD or the American Psychological Association?
- What about boards like medical review boards that approve specialties?
- Lobbying
- How to fund this?
- Who should be doing the doing? Inclusivity vs. sound gatekeeping.
- A barber has to be licensed to cut hair - should we get licensed?
- This conversation was around with software engineers long before it was with cyber folks. We learned that self-policing did not really work...
- The challenge is one of not shackling the business, or at least not appearing to, and the subsequent pushback.
The call to action is ultimately this: If you don't have a seat at the table, folks will do things to you rather than with you. So get involved!
Y'all be good now!
195 bölüm
Paylaş
Manage episode 441736469 series 2932664
İçerik Allan Alford tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Allan Alford veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest today is Tim Brown. If you don’t’ know who Tim Brown is, he is the CISO at SolarWinds, and as such, is one of us.
Or maybe in a way, he is all of us, really. Tim advises and has held various other roles in the past, including product roles, which our listeners know are well-respected skills down at the 'Ranch.
The topic today is cyber regulation. It can range from self-regulation to associations, principles, practices, lobbying – all the way up to full government regulation. What works? What’s required?
Topics covered:
- What is the case for regulation?
- What are the basics rules to provide us coverage and clarity?
- Not knowing the rules makes people nervous and afraid...
- Document your own processes, procedures, JDs, what you do, what you don't do. Make it clear!
- Rigorous banking industry regulations exist already. How onerous are they? How badly would they fit the rest of us?
- Perhaps a GAAP (generally accepted accounting principles) equivalent is desired?
- Process/procedure vs. 'Thou shalt never have a vulnerability!'
- Heavy-handed governmental oversight - defining standard of care and turning that into something people can stand behind?
- Remember that Sarbanes and Oxley were people. Real people.
- Is regulation required to create a more positive environment in the way SOX does?
- What does the public-private partnership need so that the rules created are good and realistic and improve cybersecurity for the world?
- REGULATION IS COMING! THE CISO COMMUNITY MUST BE A PART OF THAT REGULATION!
- Have we had a cyber Enron, and do we need one? That was the real catastrophe that launched SOX...
- Regarding GAAP, accounting is deterministic vs. dynamic - Can a cyber GAPP ever exist given how dynamic we are?
- The compliance world: principles based vs. rules based regulation - a more practical model. It may not move the bar enough, but it's a good starting point.
- Should a whole field of security auditors existing like accounting auditors do?
- We are youngsters in this craft still...
- Is the accounting world really the best metaphor? Auditors, forensic accountants, etc.?
- Another model is the medical world - malpractice, specific rules and regulations on specific surgical practices?
- What about a national CISO board or association like the NACD or the American Psychological Association?
- What about boards like medical review boards that approve specialties?
- Lobbying
- How to fund this?
- Who should be doing the doing? Inclusivity vs. sound gatekeeping.
- A barber has to be licensed to cut hair - should we get licensed?
- This conversation was around with software engineers long before it was with cyber folks. We learned that self-policing did not really work...
- The challenge is one of not shackling the business, or at least not appearing to, and the subsequent pushback.
The call to action is ultimately this: If you don't have a seat at the table, folks will do things to you rather than with you. So get involved!
Y'all be good now!
195 bölüm
Tüm bölümler
×
Player FM'e Hoş Geldiniz!
Player FM şu anda sizin için internetteki yüksek kalitedeki podcast'leri arıyor. En iyi podcast uygulaması ve Android, iPhone ve internet üzerinde çalışıyor. Aboneliklerinizi cihazlar arasında eş zamanlamak için üye olun.
The Cyber Ranch Podcast benzeri
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Get the most out of your home theater with the latest advances, product reviews, and all things audio and video. Every Thursday, Scott Wilkinson shares his expertise, energy, and enthusiasm about how to make your A/V system sound and look its best. In this short-format podcast, Scott brings you news, reviews, interviews, and commentary, and answers your questions. You can join Club TWiT for $7 a month and get ad-free audio and video feeds for all our shows plus everything else the club offer ...
…
continue reading
Player FM - Podcast Uygulaması
Player FM uygulamasıyla çevrimdışı Player FM !
Player FM uygulamasıyla çevrimdışı Player FM !
