CISO MindMap Podcast

著者: Scott Hawk & Rafeeq Rehman
無料で聴く

  • サマリー

  • Featuring Rafeeq Rehman, the creator of the CISO MindMap, each week we discuss topics related to the functions of the Chief Information Security Officer. Topics range from the technology needed for cybersecurity to the key business functions that are critical to the success of the CISO and their teams.
    © 2025 Rafeeq Rehman & Scott Hawk
    続きを読む 一部表示

あらすじ・解説

Featuring Rafeeq Rehman, the creator of the CISO MindMap, each week we discuss topics related to the functions of the Chief Information Security Officer. Topics range from the technology needed for cybersecurity to the key business functions that are critical to the success of the CISO and their teams.
© 2025 Rafeeq Rehman & Scott Hawk
続きを読む 一部表示
エピソード
  • CMM 8 - Building or Outsourcing Your SOC

    CMM 8 - Building or Outsourcing Your SOC
    2025/03/02

    Send us fan mail via text by clicking here!

    In this episode, Rafeeq and Scott discuss the many considerations involved with building your own Security Operations Center SOC. While in no way a comprehensive analysis, the discussion attempts to make the concepts manageable. If you're a small company growing past a few IT headcount, the topic should help you create a vision for your situation. If you’re a larger company and looking to expand, these pointers may be of help

    This conversation focused on budgeting, structure, and decision-making processes, including the choice between building in-house or outsourcing. The discussion covered various aspects of SOC operations, such as staffing requirements, skill development, and the importance of continuous learning in the face of evolving threats. Also emphasized is the need for proper shift management, stress tolerance, and the value of tabletop exercises and purple teaming in assessing SOC effectiveness.

    Rafeeq wrote a great book on this topic. Have a look on Amazon here.

    Check out the calculator Rafeeq mentions in the podcast here.

    https://rafeeqrehman.com/ciso-mindmap/
    https://www.linkedin.com/in/scott-a-hawk/
    https://www.linkedin.com/in/rafeeq/
    続きを読む 一部表示
    37 分
  • CMM 7 - Business Lingo For CISOs

    CMM 7 - Business Lingo For CISOs
    2025/02/23

    Click here to send us your comments!

    Welcome to Episode 7 of the CISO MindMap Podcast. This week, Rafeeq and Scott discuss a range of topics related to business acumen. Tucked away in this topic are references to some common themes of this podcast. Themes such as brand-building, business performance, and business alignment are spread throughout the conversation.

    This episode breaks down the business acumen topic into five areas:

    1. Business Management
    2. Accounting & Finance
    3. Sales & Marketing
    4. Industry Specific Knowledge
    5. Legal Terminology and Concepts

    https://rafeeqrehman.com/ciso-mindmap/
    https://www.linkedin.com/in/scott-a-hawk/
    https://www.linkedin.com/in/rafeeq/
    続きを読む 一部表示
    35 分
  • CMM 6 - Six Essential Ingredients of a Successful SOC

    CMM 6 - Six Essential Ingredients of a Successful SOC
    2025/02/16

    Send us fan mail via text by clicking here!

    This week, Scott and Rafeeq go wide across the CISO MindMap discussing six key concepts for every Security Operations Center. As the conversation kicks off, Rafreeq takes a few minutes to discuss a recent FBI warning related to texting.

    The six elements discussed are People/Staffing, Processes, Technology Stack, Governance, Data Sources, and Threat Intelligence. Check out Rafeeq’s blog for written commentary on these topics.

    During the conversation, Scott mentions a security incident from Christmas Eve 2024. He laments not recalling the specifics but as predicted, it is well documented. That incident was a hack of a Chrome extension.

    Breach Stats: Scott mentioned that certain statistics are widely available to search engines. Here are the results from a ChatGPT request from February 2025.

    1. Time to Detect and Contain a Breach:

    • Average Detection Time: In 2024, the global average time to identify and contain a data breach was 258 days, marking a seven-year low.
      fieldeffect.com
    • Industry Variations: Detection and containment times can vary by industry. For instance, the energy sector is among the fastest, yet still takes over 30 days on average to identify a breach.
      varonis.com

    2. Attacker Dwell Time:

    • Definition: Dwell time refers to the duration an attacker remains undetected within a system.
    • Current Trends: In 2023, the global median dwell time was reported as 10 days, a decrease from 16 days in 2022.
      reddit.com

    3. Average Cost of a Data Breach:

    • Global Average: The average cost of a data breach globally reached an all-time high of $4.88 million in 2024, a 10% increase from the previous year.
      ibm.com
    • Cost by Company Size:
      • Small Businesses (fewer than 500 employees): Average cost of $2.98 million.
      • Medium Businesses (500-1,000 employees): Slightly lower at $2.63 million.
      • Larger Businesses (1,001-5,000 employees): Higher average cost of $4.09 million.
        prowritersins.com
    • Cost by Industry: Breaches involving customer personal data are particularly expensive, costing $173 per record on average in 2024, up from $156 in 2023.
      bakerdonelson.com

    4. Impact of Detection Time on Breach Cost:

    • Correlation: The longer a breach remains undetected, the higher the financial impact. Companies that contained a breach in less than 30 days saved more than $1 million compared to those that took longer.

    https://rafeeqrehman.com/ciso-mindmap/
    https://www.linkedin.com/in/scott-a-hawk/
    https://www.linkedin.com/in/rafeeq/
    続きを読む 一部表示
    40 分

CISO MindMap Podcastに寄せられたリスナーの声

カスタマーレビュー:以下のタブを選択することで、他のサイトのレビューをご覧になれます。

Audible.co.jp

Amazon.co.jp
レビューはまだありません。