Secure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and Compliance

• Mastering Integrated ISO Management Systems | Interview with Jim Moran

  In this episode of Secure and Simple Podcast, hosted by Dejan Kosutic, we are joined by Jim Moran, founder of Simplify ISO and member of the ISO Committee 280. With over 30 years of experience in consulting and various ISO standards, Jim shares his insights on the High-level Structure (HLS) of ISO management standards and the integration of various ISO standards into a cohesive management system. This episode covers strategies for merging ISO 9001, ISO 27001, and other standards, the benefits of HLS for integrated management systems, the importance of executive involvement, and recent updates to ISO 9001. Ideal for consultants, CISOs, and cybersecurity professionals, this episode provides practical tips and expertise on effectively implementing integrated management systems.Links from the episode: - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account  - Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining  (00:00) - Interview with Jim Moran (01:49) - Understanding High-Level Structure (HLS) (11:30) - The Role of Annexes in ISO Standards (15:22) - Integrated Management Systems in Practice (22:38) - Documenting Integrated Management Systems (27:07) - Integrating Management Reviews (35:42) - Starting with One Standard vs. Multiple Standards (39:12) - Changes in ISO 9001 and Other Standards (43:17) - Future Trends: AI and Cybersecurity

  --------  

  48:29

  --------

  48:29
• Volunteer Work in Cybersecurity Nonprofits | Interview with Aruneesh Salhotra

  Join Dejan Kosutic, CEO of Advisera, on the Secure and Simple Podcast as he delves into the importance of cybersecurity NGOs with expert guest Aruneesh Salhotra. Explore the impact of organizations like OWASP and the Eclipse Foundation on global cybersecurity standards, the benefits of volunteering in these NGOs, and the influence of these nonprofits on government policies. Learn about Aruneesh’s involvement with projects like OWASP AI Exchange and AI BOM, and gain insights on how consultants and CISOs can leverage these organizations for professional growth and thought leadership. Links from the episode: - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account  - Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining  (00:00) - Interview with Aruneesh Salhotra (02:42) - Differences Between Cybersecurity NGOs (04:55) - Governance-Oriented Cybersecurity NGOs (06:19) - Educational Initiatives in Cybersecurity (06:54) - OWASP AI Exchange and Its Impact (13:51) - Volunteering in Cybersecurity NGOs (25:45) - Aruneesh's Involvement in OWASP Projects (34:43) - Resources for Consultants

  --------  

  36:04

  --------

  36:04
• Building a Business-Aligned Cybersecurity Strategy | Interview with Thom Langford

  In this episode, Dejan Kosutic, CEO at Advisera, chats with Thom Langford, CTO of the EMEA region at Rapid7 and a director at (TL)2 Security. Thom shares invaluable insights from his 30-year career in cybersecurity, focusing on creating a business-aligned cybersecurity strategy and building a cybersecurity culture. Learn why understanding your business is crucial for effective cybersecurity, how to integrate security without hindering business operations, and ways to leverage cybersecurity as a competitive advantage. Thom also discusses the importance of risk management and how to effectively communicate cybersecurity needs to senior leadership. Links from the episode: - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account  - Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining  (00:00) - Interview with Thom Langford (01:18) - Understanding Cybersecurity Strategy (04:00) - Implementing Effective Cybersecurity Measures (08:56) - Risk Management in Cybersecurity (17:02) - Cybersecurity as a Competitive Advantage (28:31) - Security Professionals' Role in Business (30:13) - People-Centered Security (33:58) - Effective Training Strategies (37:49) - Creating a Security Culture (42:01) - The Power of Storytelling and Humor (51:53) - Resources for Consultants

  --------  

  53:14

  --------

  53:14
• Demystifying Corporate Governance With ISO 37000 | Interview with George Kesteven

  In this episode of the Secure and Simple podcast, host Dejan Kosutic interviews George Kesteven, CEO of Frontex, who shares his experience in corporate governance. They discuss the critical importance of proper documentation and knowledge management in organizations for effective governance and compliance. The conversation covers the fundamentals of ISO 37000, how it helps organizations meet their governance objectives, and the distinctions between governance and management. They also explore how consultants can leverage ISO 37000 to assist organizations in achieving well-defined and structured governance systems. Links from the episode: - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account  - Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining  (00:00) - Interview with George Kesteven (01:14) - The Importance of Governance and Compliance (04:05) - Corporate Governance Management Systems Explained (07:18) - ISO 37000: Principles and Applications (14:26) - Governance vs. Management (18:21) - Consultants' Role in Governance (22:41) - The Value of Proper Documentation (32:00) - ISO 37000: Starting Points for Consultants (36:18) - Measuring Governance with ISO 37004 (38:44) - ESG and Corporate Governance (42:13) - Resources for Consultants

  --------  

  43:34

  --------

  43:34
• U.S. vs International and European Cybersecurity Standards | Interview with John Verry

  In this episode, host Dejan Kosutic, CEO of Advisera, welcomes John Verry, Managing Director at CBIZ Pivot Point Security consulting company. With over 25 years of experience and managing more than a thousand clients, John shares his immense expertise in various cybersecurity frameworks, including ISO 27001, CMMC, HIPAA, and HITRUST. The discussion delves deep into the complexities and opportunities within cybersecurity governance, the nuances of different frameworks (especially ISO 27001 and HITRUST), and the impact of AI and privacy regulations. Whether you're a consultant, CISO, or cybersecurity professional, this episode has valuable insights to help you navigate the ever-evolving landscape of cybersecurity compliance. Links from the episode: - Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits - Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account  - Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining  (00:00) - Interview with John Verry (00:15) - Meet the Guest: John Verry (01:10) - Comparing Cybersecurity Frameworks (05:12) - The Impact of AI and Other Frameworks (07:46) - HITRUST and Its Market (12:00) - HIPAA vs. HITRUST (14:45) - ISO 27001 vs. SOC 2 in the US Market (17:27) - Working with European Clients (24:35) - Navigating Privacy Laws in the US and Europe (29:20) - The Role of AI in Consulting (40:13) - Resources for Consultants

  --------  

  41:34

  --------

  41:34

Mais podcasts de Negócios

Podcasts em tendência em Negócios

Sobre Secure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and Compliance